ragnarlocker attacks AIRPORTUGAL
Incident Date:
September 12, 2022
Overview
Title
ragnarlocker attacks AIRPORTUGAL
Victim
AIRPORTUGAL
Attacker
Ragnarlocker
Location
First Reported
September 12, 2022
Ragnarlocker Ransomware Attack on TAP Air Portugal
TAP Air Portugal, the national airline of Portugal, has been targeted by the Ragnarlocker ransomware group, which claimed responsibility for the attack on their website. The airline, which operates in the transportation sector, has been a victim of a significant data breach, with over five million records containing personal information such as names, dates of birth, email addresses, phone numbers, and physical addresses being leaked.
The attack occurred in August 2022, and TAP Air Portugal initially reported that they had successfully repelled the cyberattack and no data was compromised. However, the Ragnarlocker gang later posted a screenshot of a spreadsheet on their leak site, suggesting that they had indeed managed to exfiltrate hundreds of gigabytes of data. The company's website and app were also affected, becoming unstable.
TAP Air Portugal is a significant player in the aviation industry, and the attack on their systems could have serious implications for their operations and customer trust. The airline has been advised to contact a company specialized in ransomware and cybersecurity removal, such as HelpRansomware, to assist in the recovery of hijacked data.
The Ragnarlocker ransomware gang has been active since late 2019 and gained notoriety in 2021 for targeting critical infrastructure sectors. The attack on TAP Air Portugal is part of a broader trend of ransomware attacks on industrial organizations, with energy and transportation being among the most targeted sectors.
The incident serves as a reminder of the importance of robust cybersecurity measures to protect against such attacks, particularly in the transportation sector where sensitive data and operational integrity are crucial.
Sources
- FlyTAP – TAP's official website
- HelpRansomware: The Cyber Attack on TAP Air Portugal [CASE STUDY]
- Bitdefender: TAP Air Portugal confirms hack, as Ragnar Locker gang leaks data
- Spiceworks: RagnarLocker Ransomware Gang Claims TAP Air Portugal as Its Second Victim in Two Weeks
- UMBC: Account Data Breach: TAP Air Portugal
- SecurityWeek: Ransomware Gang Claims Customer Data Stolen in TAP Air Portugal Hack
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.