"Portuguese Airliner Vows Defiance Against Extortion Hackers"

Nearly a month after discovering a cybersecurity intrusion, Portugal's national airline publicly pledged not to negotiate with hackers who were publishing customer information on the dark web. The Ragnar Locker Ransomware-as-a-Service (RaaS) group claimed responsibility for the attack after state-owned TAP Air Portugal claimed that no improper access to customer data had occurred. The Ragnar Locker leak site now houses the personal information of 1.5 million TAP customers. In a video message apologizing to customers, airline CEO Christine Ourmieres-Widener stated that there would be no negotiating and that this behavior will not be rewarded. According to the airline, an investigation into a cyber incident began on August 25 and was halted in its early stages. Customers' names, nationalities, genders, dates of birth, addresses, emails, phone numbers, customer registration dates, and frequent flyer numbers were all obtained by hackers. However, TAP claims it found no evidence of payment card information being stolen, and that frequent flyer program data was not compromised. Nonetheless, the airline recommends that users update their passwords. It also warned customers that because their personal information was exposed online, they could be targeted by phishing attacks and other forms of digital fraud. The airline stated that it would not send direct messages regarding this subject to individual customers. This article continues to discuss the Ragnar Locker RaaS group publishing data of 1.5 million TAP Air Portugal customers and the airline's response to this incident. 

DataBreachToday reports "Portuguese Airliner Vows Defiance Against Extortion Hackers"