2 min read

TAP Air Portugal confirms hack, as Ragnar Locker gang leaks data - including that of Portuguese president

Graham CLULEY

September 26, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
TAP Air Portugal confirms hack, as Ragnar Locker gang leaks data - including that of Portuguese president

Politicians including Portuguese president Marcelo Rebelo de Sousa are amongst those who have had their personal information leaked following an attack by the notorious Ragnar Locker gang against the country's national airline TAP.

Back in August, TAP Air Portugal tweeted that although it had been targeted by a cyber attack, it had found no evidence that suggested customer data had been improperly accessed.

Unfortunately for the airline and its customers, databases containing over five million records with details such as passengers' dates of birth, email addresses, genders, nationalities, phone numbers, physical addresses, and frequent flier numbers were already being circulated via the Ragnar Locker gang's site on the dark web.

Aside from President de Sousa, other Portuguese MPs, government staff, and members of security forces appear to have been impacted by the data breach.

TAP said that it had seen no evidence that payment data had been retrieved from its systems, but warned passengers that the release of their personal data "could increase the risk of their illegal use, namely aimed at obtaining other data that could compromise the digital systems in fraudulent attempts such as phishing."

TAP's CEO, Christine Ourmieres-Widener, has told the media that the airline is "very serious about customer data."

It's a shame, therefore, to visit TAP Air Portugal's website and find that the data breach appears to have been presented to customers in as low key a fashion as possible.  Yes, it's on the main page of the website - but it hardly draws attention to itself.

As with other data breaches, customers would be wise to be extremely careful about unsolicited communications which may request further personal information from recipients (as they could be sent by fraudsters phishing for more details).  In addition, affected members of the public would be wise to take care not to click on suspicious links or open unsolicited attachments shared with them via email.

It's easy to imagine how a fraudster might contact users affected by the data breach via email, using the disguise of an official communication from TAP Air Portugal about the data breach, and duping the unwary to perhaps share their financial details or other sensitive information.

In addition, TAP is recommending that customers change any passwords that they use to access their accounts with the airline, as a matter of precaution.

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Royal Ransomware Launches Attacks on US Healthcare Organizations, Government Warns Royal Ransomware Launches Attacks on US Healthcare Organizations, Government Warns
Vlad CONSTANTINESCU

December 09, 2022

2 min read
North Korean APT Group Exploits Internet Explorer Zero-Day Flaw, Google Warns North Korean APT Group Exploits Internet Explorer Zero-Day Flaw, Google Warns
Vlad CONSTANTINESCU

December 08, 2022

2 min read
Medibank Goes Offline to Rebuild Cyber Defenses in Wake of October Hack Medibank Goes Offline to Rebuild Cyber Defenses in Wake of October Hack
Filip TRUȚĂ

December 08, 2022

2 min read