days after the TAP announced that it was a victim of a cyber attackhacking group Ragnar Locker claims it will have the data of more than 400,000 customers stolen of the airline.
In a sophisticated statement today, TAP acknowledged that they “allegations were made by an organized cybercrime group that customer data had been stolen”which indicates that it continues to assume “all appropriate containment and remedial measures to protect the company and its customers”.
The hacking group claims to have obtained a huge set of sensitive data from TAP customers, including: names, dates of birth, gender, email addresses, addresses and phone numbersafter sharing an image that he claims serves as evidence for the attack.
Click on the images for more details
Remember that the hacker group behind the 2020 Capcom ransomware attack, where 350,000 people’s data has been compromised. RagnarLocker ransomware was also used in the attack on EDP in April of that year, although the attack’s authorship was claimed by the hacking group CyberTeam.
In March of this year, the FBI announced that an attack by the group the networks of at least 52 organizations compromised of 10 critical infrastructure sectors in the United States.
The type of attack that TAP has undergone is still unknown and, as indicated Rui Duro, Country Manager at Check Point Software to SAPO TEK, “all the information available so far does not allow us to know for sure what type of attack was carried out”.
The official details, however, that, “If it really was a ransomware attack, we could be dealing with one of three types of attacks”.
The first undergoes an attack by “simple data encryption and with a ransom demand to disclose information and grant access”. The second by “encryption and blocking of data access” and extraction of the samein a double extortion attack.
The third possibility, described by Rui Duro as the most critical, goes beyond data kidnapping, blocking and theft, where cybercriminals attack entities that had information in the stolen database.
SAPO TEK has contacted the airline and the National Cybersecurity Center (CNCS) for more details on the measures being taken, but we are still awaiting responses.
What to do to protect yourself?
While the alleged data theft has not been confirmed by TAP, if you are a customer of the company, it is natural for you to be concerned about the whereabouts of your personal information. But are there steps you can take to mitigate any problems?
“The best measure you can take is always to prevent, then to cure. At the moment, any action taken is purely to remedy what has happened and to make sure everything is going well,” said Rui Duro.
Changing passwords is an essential step, emphasizes the person responsible. It is important that you create unique, strong and complex passwords is that don’t reuse them on different accounts.
Too simple strings of numbers and letters, names of relatives, important dates and even the name of favorite sports clubs or your pets should not be part of your password. The gallery below shows some of the worst password examples from the past year.
Change Password? Do not follow these examples
Remembering all the complex combinations you use as passwords can be tricky, but there are various online services that can help you to better manage the passwords you use.
In addition to changing passwords, you should: keep a close eye on which messages you receive, because in the event that your email address has been stolen, chances are you will receive more suspicious messages than usual.
Be aware that there are certain spam and/or phishing messages that bypass security measures and end up in the main mailbox. So, you should carefully examine the email addresses of messages before opening them and do not click on links or attachments that you find suspicious.
The same rules also apply to communication on other platforms. Whether instant messages, SMS or even calls: be suspicious of anything that looks suspicious.
And in case TAP data theft is confirmed? Rui Duro states that, in addition to changing passwords, it is recommended that: note “any emails you may receive from the brand, try to validate first if it was really the brand that sent it and never click on sent links immediately”.
If it turns out that bank details registered on the platform have also been stolen, pay special attention to the movements of the respective accountswarns the responsible person and contacts your bank if you notice an unusual situation.