• World CyberCon India
Firewall Daily Ransomware

Ransomware Gang Ragnar Locker Behind Cyber Attack on Portugal Airline

Portugal's national airline Transportes Aéreos Portugueses admitted that it had suffered a cyberattack that hindered the normal functioning of its website and mobile application, making both inaccessible.

Ransomware Gang Ragnar Locker Behind Cyber Attack on Portugal Airline
  • PublishedSeptember 1, 2022

Famous ransomware gang Ragnar Locker took responsibility for the recent cyberattack on Portugal’s national airline Transportes Aéreos Portugueses(TAP). While the airline claimed that the ransomware attack was timely stopped and ensured the passengers that the hackers did not access any data on the impacted servers, the hacker group says otherwise.

The state-owned airline acknowledged the cyberattack via a Tweet on August 26, 2022. “TAP was the target of a cyber-attack, now blocked. Operational integrity is guaranteed. No facts have been found that allow us to conclude that there has been improper access to customer data.”

Despite Ragnar Locker claiming that it had stolen hundreds of gigabytes of TAP customers’ data, the airline continues to assert that all data, records, and information were safe.

Ragnar Locker claims to have stolen TAP data

Ragnar Locker announced the attack via its data leak website, stating that the group was behind the malware attack that affected the Portuguese airline’s network and stole hundreds of gigabytes of customer data.

In its defense, the airline declined the claims of the hacker group, which further agitated the group, and it vowed to produce “irrefutable evidence” to refute TAP’s assertion that its clients’ data were not affected. Additionally, the group also shared a screenshot of what appears to be a spreadsheet with the names, emails, addresses, and birth dates of TAP’s customers.

TAP admits the attack but denies Ragnar Locker claims of stealing data

TAP admitted that it had suffered a cyberattack that hindered the normal functioning of its website and mobile application, making both inaccessible. The airline also issued an alert for its customers about the possible breach.

However, it added that customers could still book flights, complete online check-in processes, and download their boarding passes without logging into the app or the website. Though the airline is yet to confirm that it was a ransomware attack, the Ragnar Locker ransomware gang seemed confident in its claims.

Written By
Editorial

The Cyber Express is a publication that aims to provide the latest news and analysis about the information security industry. The news comes from a variety of sources and is updated regularly so that readers can stay up to date with the latest happenings in this rapidly growing field.