Hackers share personal data of 1.5 million TAP customers

The hacker group Ragnar Locker, responsible for the computer attack on TAP at the end of last month, have published personal data of 1.5 million airline customers. This Monday 19th September 2022, a document with 581 gigabytes of information was released on the Dark Web.

According to the newspaper Expresso, TAP did not give in to the blackmail of the group of hackers, who say they continue to have access to the airline’s computer systems.

The data released this Monday by the Ragnar Locker group includes names, addresses, mobile phone numbers of customers, as well as confidential agreements and professional identity cards and information about incidents during operations.

According to Expresso, the company only says that “the intrusion was contained at an early stage, before causing damage to operational processes. TAP’s operations are proceeding normally”.

Hackers had already published data on 115,000 customers more than a week ago, and threatened to leak more information if the ransom was not paid. Expresso advances that the Portuguese air carrier did not give in to the blackmail of the Ragnar Locker group.

The cybercrime group that claimed the attack on TAP is the same that carried out a cyberattack on EDP about two and a half years ago and, at the time, Ragnar Locker asked for a ransom of 10 million euros from the company that always denied any payment.

Using malicious applications, called ransomware, the group starts by infecting computer systems, encrypts and hijacks victims’ data. It then seeks to collect ransoms, usually in cryptocurrencies, so that they are more difficult to detect.

After the first intrusion, TAP warned customers affected by the computer attack on the company, whose data were published, that this disclosure “may increase the risk of its illegitimate use”, calling for attention to suspicious communications.