Famous ransomware gang Ragnar Locker took responsibility for the recent cyberattack on Portugal’s national airline Transportes Aéreos Portugueses(TAP). While the airline claimed that the ransomware attack was timely stopped and ensured the passengers that the hackers did not access any data on the impacted servers, the hacker group says otherwise.
The state-owned airline acknowledged the cyberattack via a Tweet on August 26, 2022. “TAP was the target of a cyber-attack, now blocked. Operational integrity is guaranteed. No facts have been found that allow us to conclude that there has been improper access to customer data.”
TAP was the target of a cyber-attack, now blocked. Operational integrity is guaranteed. No facts have been found that allow us to conclude that there has been improper access to customer data. The website and app still have some instability. Thank you for your understanding. pic.twitter.com/zQASbpNtXx
— TAP Air Portugal (@tapairportugal) August 26, 2022
Despite Ragnar Locker claiming that it had stolen hundreds of gigabytes of TAP customers’ data, the airline continues to assert that all data, records, and information were safe.
Ragnar Locker claims to have stolen TAP data
Ragnar Locker announced the attack via its data leak website, stating that the group was behind the malware attack that affected the Portuguese airline’s network and stole hundreds of gigabytes of customer data.
In its defense, the airline declined the claims of the hacker group, which further agitated the group, and it vowed to produce “irrefutable evidence” to refute TAP’s assertion that its clients’ data were not affected. Additionally, the group also shared a screenshot of what appears to be a spreadsheet with the names, emails, addresses, and birth dates of TAP’s customers.
TAP admits the attack but denies Ragnar Locker claims of stealing data
TAP admitted that it had suffered a cyberattack that hindered the normal functioning of its website and mobile application, making both inaccessible. The airline also issued an alert for its customers about the possible breach.
However, it added that customers could still book flights, complete online check-in processes, and download their boarding passes without logging into the app or the website. Though the airline is yet to confirm that it was a ransomware attack, the Ragnar Locker ransomware gang seemed confident in its claims.