Portugal’s flag carrier hit by Ragnar Locker ransomware gang

Portuguese flag carrier airline TAP Air Portugal had its systems disrupted by a cyberattack on Aug. 25, which has since been claimed by the Ragnar Locker ransomware operation, BleepingComputer reports. Even though TAP confirmed the following day that it had blocked the attack while noting inadequate evidence suggesting any improper customer data access, Ragnar Locker posted on its leak site yesterday stating that several gigabytes of data have been exfiltrated from the airline. "Several days ago TAP Air Portugal made a press-release where they claimed with confidence that they successfully repelled the cyber attack and no data was compromised (but we do have some reasons to believe that hundreds of Gigabytes might be compromised)," said Ragnar Locker, which also posted a screenshot of a spreadsheet purported to contain stolen customer data. Ragnar Locker is one of the most prolific ransomware operations today, with the FBI reporting in March that at least 52 U.S. critical infrastructure organizations have been successfully attacked by the group since 2020.