The airline TAP Air Portugal is facing the data leak of more than a million of its customers. Cybercriminal group Ragnar Locker is behind the spread, says Zataz.
Portuguese national airline, TAP Air Portugal was already very weakened by the coronavirus pandemic, with accounts in the red and candidates (Air France, Lufthansa) who follow one another with a view to a takeover. The revelations of Damien Bancal, the founder of the cyber monitoring site Zatazwill not help the situation of the company, whose data of 1.5 million customers have been hacked.
Customer data hosted in an unsecured cloud
The hackers of the Ragnar Locker group, spotted at the end of 2019 by the FBI and which in the past attacked companies such as CMA CGM, LDLC.com, Dassault Falcon Jet or Capcom, published from their space the complete data of TAP Air Portugal. ” We have come to this decision because we see that TAP Air has absolutely no concern for the privacy of the personal information it has collected. “say the hackers.
In other words, Ragnar Locker wanted to point out the company’s security shortcomings. Data belonging to hundreds of thousands of customers was simply discovered in an unsecured cloud.
” It should be noted that all personal information contained within the TAP Air network has not been encrypted in any way “, add the hackers. According to them, the Portuguese company would have hired hackers outright to silence the Ragnar Locker group. In vain then.
Hackers point to the lack of seriousness of the company, still exposed to a new hack
Zataz was able to identify some 518 stolen CSV files, which run from January 2021 to the end of June 2022. Looking more closely at one of the samples provided, we see that some customers are French (several thousand would be affected), English, Brazilian or Luxembourgish.
Among the data collected by hackers are customer numbers, dates of birth, surnames, first names, nationalities, sexes, postal addresses and email addresses. ” You should therefore think twice when signing a user agreement for data processing (…). The most interesting thing is that they still haven’t fixed the vulnerabilities in their own network and such a problem could happen again “, explain the hackers. In other words: the company is not immune to a new hack, while it indicated, in a message on social networks published on September 2, “ adopt (…) all appropriate containment and remediation measures to protect the company and its customers “.
That day, TAP Air Portugal confirmed that it had been the victim of a cyberattack, ” promptly reported to the competent authorities which is GDPR compliant. On the other hand, what is not is that the captured data was hosted in the clear in the Cloud.
Source : Zataz
2