Following the hacker attack on TAP’s systems, which took place on August 25, the airline said in a statement this Wednesday that the ‘hackers’ managed to steal personal data from TAP customers, namely information such as name, address, email. mail or telephone number, which is published on the ‘dark web’, the ‘black internet’.
“Unfortunately, we would like to inform you that the categories of personal data provided by TAP customers are as follows: name, nationality, gender, date of birth, address, email, telephone contact, customer registration date and frequent flyer number”, emphasizes the Portuguese airline and emphasizes that the personal information disclosed by hackers can vary from customer to customer.
TAP warns that disclosing stolen personal information could pose an increased risk of it being used illegally, for example through digital fraud and “phishing” schemes – where pirates can trick users into giving away other information, such as bank card details. So far, there is no evidence that payment data has been exfiltrated from TAP’s systems.
“We sincerely apologize to our customers who have been affected by the disclosure of their personal information and for any inconvenience this may cause,” concludes TAP, advising customers to also review the personal access and security conditions of the areas that are reserved for TAP online customers. with regard to the Miles&Go system, you are also warned to be careful with unsolicited communications requesting personal data. It is also recommended not to click on web links or download files from suspicious email addresses.
It is recalled that, despite the computer attack, the rapid intervention made it possible to avoid damage to the company’s operational processes.
TAP also provides answers to some frequently asked questions from customers on this topic. Read the company’s answers to the questions below.
What happened in more detail?
In August 2022, TAP Air Portugal (TAP) internal cybersecurity systems detected unauthorized access to some computer systems. TAP was prepared for this scenario and immediately mobilized a team of internal and external IT specialists and forensic experts to investigate in detail what happened and prevent further damage.
Cybersecurity systems and the swift action of the internal IT team contained the intrusion at an early stage, before damage to operational processes occurred. TAP operations are normal in all areas. Unfortunately, some data has been used illegally by hackers and is being released publicly. The data concerned may include name, nationality, gender, date of birth, address, email, telephone number, customer registration date and frequent flyer number. The relevant information may differ per customer. So far, there is no evidence that payment data has been exfiltrated from TAP’s systems.
This burglary was intended to harm TAP and its customers. The security of our customers and business partners and their data is one of our top priorities. TAP will continue to take all necessary measures to protect them.
What impact did this situation have on TAP’s customers?
Early detection of intrusions meant there was no disruption to TAP’s business processes. Our customers can continue to travel safely with our company.
you hackers did they have access to customer data?
Unfortunately, some data has been unlawfully used by: hackers and are made public. The data concerned may include name, nationality, gender, date of birth, address, email, telephone number, customer registration date and frequent flyer number. The relevant information may differ per customer. So far, there is no evidence that payment data has been exfiltrated from TAP’s systems.
What measures has TAP taken?
Cyber attacks are a constant threat to many companies and TAP was prepared for that possibility. TAP immediately created a team of internal and external IT experts and leading forensics experts to conduct thorough investigations and prevent further damage. All affected systems have been isolated and these systems have been cleaned up. The good news is: TAP’s operations were never affected – all TAP’s operations take place safely.
TAP’s specific actions include: adopting response and containment measures with the support of internal and external teams; the deployment of leading experts for forensics and investigations; the deployment of an external team to support the recovery of compromised systems; and strengthening security measures in specific areas as a precaution.
Were the customer’s personal data secure?
The requested data is securely stored in TAP’s computer systems using appropriate organizational and technical measures based on customary standards to comply with applicable legal requirements.
What organizational and technical measures had been taken to protect TAP against these types of breaches?
The measures taken at TAP include: regular data backups; use of antivirus; firewalls with IDS/IPS; email security tools; use of second authentication factor; band aids of security; vulnerability scans; penetration testing; including cybersecurity training.
What impact did the situation have on business processes?
Cybersecurity systems and the prompt action of the internal IT team contained the intrusion at an early stage. So there was no harm to the operational processes. Our customers can continue to travel safely with our company.
Was there a data breach?
Unfortunately, some data has been used illegally by hackers and are made public. The data concerned may include name, nationality, gender, date of birth, address, email, telephone number, customer registration date and frequent flyer number. The relevant information may differ per customer. So far, there is no evidence that payment data has been exfiltrated from TAP’s systems.
Where are my details disclosed?
The data has been released on the website for publishing data stolen from the attackers. you hackers operate such websites dedicated to information leaks hidden in the “dark web“. A dark web describes part of internet that are not accessible via search engines such as Google or via commonly used web browsers. To access websites on dark web a special browser is required.
What happens to the stolen data?
The attackers published the illegally obtained data at: dark web. Disclosure of personal data through open sources may increase the risk of their misuse, namely for the purpose of obtaining other data that could endanger digital systems to commit fraud (phishing).
What should I do?
Although the access password for Miles&Go or the reserved area for customers is not part of the data concerned, as a precaution we recommend that you check the security conditions that you use to access your reserved area, namely by using a strong password and this to change. too often. We also recommend that you beware of unsolicited communications that ask for personal information and that you avoid clicking links or downloading attachments from suspicious email addresses.
How can I change my password?
The access password can be changed at www.flytap.pt, by selecting the login option in the top right corner of the page and clicking on “I can’t remember/change my password”. You will then need to enter your email address in the “reset/change my password” pop-up window that appears. You will receive an email with a link to register a new password.
For more information, you can get more information by calling 800204692 (national calls) or +442036953214 (international). You can also contact TAP’s data protection officer at [email protected]