The Portuguese Attorney General’s Office has opened an investigation into the cyberattack that hit TAP Air Portugal which may have affected 1.5 million customers.
Hackers have obtained the personal data of some of its customers and have been publishing the information on the dark web.
On Thursday, Christine Ourmières, TAP’s chief executive, has apologized to TAP customers who may have had their personal data exposed on the dark web. So far, TAP as refuse to comply with the hackers’ demands.
She said that “TAP will not negotiate with hackers” asking everyone affected to understand this decision.
No payment data was taken in the cyberattack, the flag carrier said in a statement late Wednesday.
Currently, although TAP is in a deeply compromising position, the airline has been working actively into damage-control with the judicial police, Microsoft and the national center for cybersecurity.
“In August 2022, TAP Air Portugal (TAP) internal cybersecurity systems detected unauthorized access to some computer systems. TAP is prepared for this scenario and immediately mobilized a team of internal and external IT and forensic experts to investigate in detail what happened and prevent further damage,” an airline source has stated.
The compromised data includes clients’ names, sex, nationality, date of birth, addresses and telephone numbers, in addition to payment information, contact information, demographic information, frequent flyer number information, and other contact details, the airline disclosed without elaborating.
Lisbon based Expresso, which has had access to the ransacked files, revealed that the data leaked also include “presents identification documents of people who appear to be professionals or partners of TAP, as well as confidential agreements with various companies and relationships with other airlines.”
In an email sent to customers last week, TAP warned customers who may have been affected by the computer attack, and whose data may have been published, that this disclosure “may increase the risk of its illegitimate use” calling for attention to suspicious communications.
Apparently, the cyberattack was a hit by Ragnar Locker, a ransomware group which could be Russian, or operating somewhere from the East. The group ransacked TAP’s IT system at the end of August demanding ‘a ransom’ for the seized information. According to Ragnar Locker, TAP does not keep client data in any kind of encrypted form.
Currently, although TAP is in a deeply compromising position, the airline has been working actively into damage-control. “TAP’s operations are proceeding normally” the airline guarantees.T
TAP Air Portugal is the state-owned flag carrier airline of Portugal, headquartered at Lisbon Airport. The airline offers more than 2,500 flights per week on its network of 90 destinations in 34 countries worldwide, including seven airports in Portugal, 10 in North America, 12 in Central and South America, 20 in Africa and the Middle East and 44 in Europe.
PORTUGUESE AMERICAN JOURNAL | ABOUT
Founded in 1984, in print, the Portuguese-American Journal (PAJ) is an interactive news blog dedicated to the Portuguese-American heritage with the purpose of informing and offering an insight into the Portuguese-American experience.
All issues, printed and digital, are catalogued by the Library of Congress @ https://www.loc.gov/item/94648842/
The Portuguese American Journal is ranked by GoogleNews.
PAJ honors freedom of speech but does not allow for defamatory, malicious, or abusive language including intimidation, name calling, and bullying. Comments that break these requirements, including falsehoods and/or disinformation, will be deleted without notice. Bullying behavior will be blocked.
Follow PAJ @ http://portuguese-american-journal.com/
Advertising @ Rates, terms & conditions
**Report a correction or typo to firstname.lastname@example.org. We are committed to upholding our journalistic standards, including accuracy. Carolina Matos/Editor.