The notorious Ragnar Locker ransomware group allegedly hit Portugal’s flag carrier, TAP Air Portugal, after the airline revealed that its systems were compromised last week.
The company disclosed that they obstructed the attack, hindering the threat actors from conducting further plans. In addition, the firm noted that there is no evidence of attackers gaining access to customer data stored on the compromised servers.
An airline operator revealed that TAP Air Portugal was the target of the malicious activity. However, the integrity of their operation is still unaffected since they have blocked the attack quickly.
Despite some instability with the firm’s app and website, TAP’s researchers did not find any piece of evidence of improper access to their customer data and information misuse. Recently, the airline published an advisory regarding its app and website inaccessibility due to the cyberattack last week.
Fortunately, airline customers could still book a flight, check in and download boarding passes, and manage made bookings without logging in to its app or website.
The airline has not yet confirmed the attack of the Ragnar Locker ransomware group.
TAP Air Portugal has yet to confirm the ransomware attack, but the Ragnar Locker ransomware published a new entry on its data leak website, proving that the ransomware was actual. Hence, TAP’s network is compromised and unsafe for its customers.
Furthermore, the Ragnar Locker operators stated that it has reason to believe that hundreds of Gigabytes of data might disprove TAP’s claims that the actors did not access its customers’ data during the incident.
The group posted some of the samples of their attack after they were provoked by TAP Air Portugal’s statement of immediately repelling their campaign. The Ragnar Locker ransomware also posted a spreadsheet screenshot containing information from the airline company’s server.
The spreadsheet includes names, dates of birth, email addresses, and home addresses.
The ransomware group’s payloads were first identified by researchers in attacks against numerous targets a couple of years ago.
