TAP Air Portugal has assured that it managed to contain the computer attack it was the target of in August at an early stage and says it has no indication that hackers have accessed sensitive information, such as payment data.

"In August 2022, TAP Air Portugal's (TAP) internal cybersecurity systems detected unauthorised access to some computer systems. TAP is prepared for this scenario and immediately mobilised a team of internal and external IT and forensic experts to investigate in detail what happened and prevent further damage", explains the airline.

The carrier also says that "thanks to cybersecurity systems and the quick action of the internal IT team [information technologies], the intrusion was contained at an early stage, before causing damage to operational processes".

"TAP's operations are proceeding normally", guarantees the company, acknowledging that, "unfortunately, some data was stolen by hackers and are being publicly disclosed" and that the affected data may include names, contact information, demographic information and frequent flyer numbers.

TAP also says that the information affected regarding each customer "may vary", but underlines that, "so far, there is no indication that sensitive information, in particular payment data, has been stolen".

"This intrusion was intended to cause damage to TAP and its customers. The security of our customers and business partners and their data is our highest priority. We will therefore continue to take all necessary measures to take care of your data".

Conflicting reports

According to Expresso, the cybercriminal group Ragnar Locker "has fulfilled the threat it has been making and published 581 gigabytes (GB) of data that it says relates to 1.5 million TAP customers".

In a message published on the Dark Web - the newspaper says -, the Ragnar Lockers "also guarantee that they continue to have access to TAP's computer systems".

In addition to the tables with addresses, telephone numbers and customer names, Expresso, which had access to the files, writes that the data leak "presents identification documents of people who appear to be professionals or partners of TAP, as well as confidential agreements with various companies and relationships with other airlines".

In an email sent to customers last week, TAP warned customers affected by the computer attack, whose data were published, that this disclosure “may increase the risk of its illegitimate use”, calling for attention to suspicious communications.