TAP Air Portugal hit by ransomware: Ragnar Locker claims responsibility

The Ragnar Locker ransomware gang has claimed responsibility for an attack on Portugal’s flag carrier, TAP Air Portugal, which was revealed by the airline after its systems were compromised on Thursday night.

The company stated that the attack was stopped and that no evidence suggested that the attackers gained access to the customer data stored on the affected servers. The airline also issued an alert on Monday, stating that its website and app were unavailable due to the Thursday ransomware attack.

TAP has yet to confirm whether this was a ransomware attack. However, the Ragnar Locker ransomware gang posted a new entry on their data leak website today, claiming responsibility for last week’s cyberattack on TAP’s network.

The ransomware group believes to have ‘reasons’ to assume that hundreds of gigabytes of data were compromised in the incident and has threatened to provide ‘irrefutable evidence’ to negate TAP’s claim that its customers’ data was not accessed. Ragnar Locker also shared a screenshot of a spreadsheet that appears to contain customer data stolen from TAP’s servers, such as names, dates of birth, emails, and addresses.