The information, provided by CNN Portugal and cybersecurity website Bleeping Computer, contradicts the statement released by the airline last Friday, where it reported an attack on the 25th. “TAP is aware of this allegation and is investigating”, the carrier told ECO.
In a text published on the deepweb, the hacker group states “they have reason to believe that hundreds of gigabytes may be compromised”, after TAP claimed to have successfully repelled last Thursday's attack. Hackers are now threatening to share a “gigantic amount of irrefutable evidence” that contradicts the company's initial statement.
The group claims that this could be one of the biggest information leaks in the history of the aviation industry, which could lead the Portuguese airline to suffer a “heavy fine from the regulator”. According to CNN Portugal, the data of more than 400,000 customers are at stake.
Contacted by ECO, the airline’s official source confirmed that “TAP is aware of this allegation and is investigating”. The source also said that he has nothing more to add to the statement released last Friday, where they stated that “no fact has been found that allows us to conclude that there was undue access to customer data”.
On 31 August, the air carrier released a new statement stating that “allegations are being made by an organized computer crime group that customer data has been stolen”. “TAP continues to adopt, with the support of an international external entity and in conjunction with the authorities, all appropriate containment and remediation measures to protect the company and its customers”.
Bleeping Computer, a news portal dedicated to cybersecurity matters, shared an image released by Ragnar Locker that allegedly contains potentially sensitive information, such as names, email addresses and other personal information from TAP customers.