Cyberattack: the data of thousands of travelers published on the dark web

The Portuguese airline TAP informed its customers on Thursday of the theft by hackers of some of their personal data, excluding payment data, who then published them on the “dark web”.

The Portuguese company TAP indicated in a letter addressed to its customers that the cyberattack, launched last month, had made it possible to obtain from its computer servers the names, nationality, e-mail address, personal address, telephone number and loyalty number of some of them.

“Dissemination of personal data via open sources could increase the risk of its illegal use, in particular with a view to obtaining other data (…) in the context of fraudulent attempts such as phishing”, said TAP. “There is no indication that any payment data was extracted from TAP’s systems”she added.

Strengthen passwords

The airline also said it had taken steps to keep its systems working and protect other data. TAP also advised its customers to stay suspicious and strengthen their passwords.

She added that she would refrain from further contact with individual customers about this to avoid confusion. Christine Ourmieres-Widener, chief executive of TAP, told reporters the airline was taking “very seriously the data of its customers”. She wouldn’t divulge the number of customers affected, which some local media put at around 1.5 million, saying such estimates don’t necessarily match reality. She promised new investments in cybersecurity.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.