TAP Air Portugal has assured that it managed to contain the computer attack it was the target of in August at an early stage and says it has no indication that hackers have accessed sensitive information, such as payment data.
"In August 2022, TAP Air Portugal's (TAP) internal cybersecurity systems detected unauthorised access to some computer systems. TAP is prepared for this scenario and immediately mobilised a team of internal and external IT and forensic experts to investigate in detail what happened and prevent further damage", explains the airline.
The carrier also says that "thanks to cybersecurity systems and the quick action of the internal IT team [information technologies], the intrusion was contained at an early stage, before causing damage to operational processes".
"TAP's operations are proceeding normally", guarantees the company, acknowledging that, "unfortunately, some data was stolen by hackers and are being publicly disclosed" and that the affected data may include names, contact information, demographic information and frequent flyer numbers.
TAP also says that the information affected regarding each customer "may vary", but underlines that, "so far, there is no indication that sensitive information, in particular payment data, has been stolen".
"This intrusion was intended to cause damage to TAP and its customers. The security of our customers and business partners and their data is our highest priority. We will therefore continue to take all necessary measures to take care of your data".
According to Expresso, the cybercriminal group Ragnar Locker "has fulfilled the threat it has been making and published 581 gigabytes (GB) of data that it says relates to 1.5 million TAP customers".
In a message published on the Dark Web - the newspaper says -, the Ragnar Lockers "also guarantee that they continue to have access to TAP's computer systems".
In addition to the tables with addresses, telephone numbers and customer names, Expresso, which had access to the files, writes that the data leak "presents identification documents of people who appear to be professionals or partners of TAP, as well as confidential agreements with various companies and relationships with other airlines".
In an email sent to customers last week, TAP warned customers affected by the computer attack, whose data were published, that this disclosure “may increase the risk of its illegitimate use”, calling for attention to suspicious communications.
Sell that useless dinosaur known as take another plane and stop milking money out of the population - who barely can afford to live (in Portugal, they survive but neither work nor live with dignity. Poverty rules all)
By K from Other on 20 Sep 2022, 16:56
I wish TAP would reach out to the customers affected, I have had 3 seperate security notifications (none from TAP) informing me of a data breach and the type of data that was taken from TAP, which is a little bit more than what TAP are stating. Have changed passwords etc. but how do you protect identification information short of applying for new documents?
TAP please be up front and honest and contact the customers directly that have been affected or are you going to bury your head in the sand and hope it goes away?
By Iain Paterson from Lisbon on 23 Sep 2022, 09:31
Regret having flown TAP to Portugal for holidays to Lisbon and the Azores which made me their customer and therefore whose details were exposed. Chose TAP over other airlines as I am Portuguese born.
Regret it now as my contact form inquiring into this was prevented from being submitted. My access to their server for changing my password was denied when changing password is the obvious for all those affected in such an event.
TAP has not contacted me yet. Worse still, my email regarding the matter to their customer service has not received any response. Disgraceful management and administration!
By Dawood Subedar from Other on 26 Sep 2022, 14:19