TAP Air Portugal has assured that it managed to contain the
computer attack it was the target of in August at an early stage and says it has
no indication that hackers have accessed sensitive information, such as payment
“In August 2022, TAP Air Portugal’s (TAP) internal
cybersecurity systems detected unauthorised access to some computer systems.
TAP is prepared for this scenario and immediately mobilised a team of internal
and external IT and forensic experts to investigate in detail what happened and
prevent further damage”, explains the airline.
The carrier also says that “thanks to cybersecurity
systems and the quick action of the internal IT team [information
technologies], the intrusion was contained at an early stage, before causing
damage to operational processes”.
“TAP’s operations are proceeding normally”,
guarantees the company, acknowledging that, “unfortunately, some data was
stolen by hackers and are being publicly disclosed” and that the affected
data may include names, contact information, demographic information and
frequent flyer numbers.
TAP also says that the information affected regarding each
customer “may vary”, but underlines that, “so far, there is no
indication that sensitive information, in particular payment data, has been stolen”.
“This intrusion was intended to cause damage to TAP and
its customers. The security of our customers and business partners and their
data is our highest priority. We will therefore continue to take all necessary
measures to take care of your data”.
According to Expresso, the cybercriminal group Ragnar Locker
“has fulfilled the threat it has been making and published 581 gigabytes
(GB) of data that it says relates to 1.5 million TAP customers”.
In a message published on the Dark Web – the newspaper says
-, the Ragnar Lockers “also guarantee that they continue to have access to
TAP’s computer systems”.
In addition to the tables with addresses, telephone numbers
and customer names, Expresso, which had access to the files, writes that the
data leak “presents identification documents of people who appear to be
professionals or partners of TAP, as well as confidential agreements with
various companies and relationships with other airlines”.
In an email sent to customers last week, TAP warned
customers affected by the computer attack, whose data were published, that this
disclosure “may increase the risk of its illegitimate use”, calling for
attention to suspicious communications.