• TAP Air Portugal Airbus A330-941 CS-TUB

    TAP Air Portugal

    IATA/ICAO Code:
    TP/TAP

    Airline Type:
    Full Service Carrier

    Hub(s):
    Lisbon Airport

    Year Founded:
    1945

    Alliance:
    Star Alliance

    CEO:
    Christine Ourmières-Widener

    Country:
    Portugal

On September 21st, TAP Air Portugal reported that it was the victim of a cyberattack. Sensitive personal information of an undisclosed number of passengers has been posted to the dark web. No monetary funds have been reportedly withdrawn from the airline or its customers. The airline has deployed countermeasures to prevent this from happening again. It claims the attack has hindered no operations.

Penetrated firewall

The airline first noticed the data breach when it found that an unauthorized third party had access to several IT systems. It immediately deployed security measures to prevent the problem from growing any further. The attackers were booted from the system but not before gaining access to sensitive information.

Tap Air Portugal Airbus A319 on taxiway

TAP first detected the threat last month. Photo: TAP Air Portugal

TAP has solicited the help of Microsoft in its investigation into how the attackers were able to gain access and what they can do to recover the information. Since the airline first noticed the breach on August 25th, it has been working with law enforcement officials on the matter. It is unclear how long the hackers had access to the system. However, the airline has assured its passengers that the breach has not affected their flights. It went on to list the different types of information that the attackers accessed. In a statement, the airline stated,

“Unfortunately, personal data from some of our customers was illegitimately accessed by hackers and publicly disclosed. Information affected may include data such as name, nationality, gender, date of birth, address, email, telephone contact, customer registration date and frequent flyer number. The information for each affected customer may vary. As for the moment, there is no indication that payment data was exfiltrated from TAP’s network.”

The airline has not stated how the attackers obtained access. TAP has recommended all passengers change their passwords on its booking site to add security. It also sincerely apologized to all its customers, especially those whose personal information was leaked. Later in the statement, the apology read,

“We sincerely apologize to our affected customers that their personal data has been released and for any inconvenience it may cause. We would like to reinstate our commitment towards the protection of our customers’ personal data for which we are developing additional measures to continue reinforcing its security.”

Earlier this week American Airlines revealed it had suffered a similar data breach. The attackers accessed multiple employee emails containing similar sensitive passenger information. The attackers have yet to go public with the information. In this situation, the attackers accessed the accounts using common phishing tactics. It is anticipated that far fewer American Airlines passengers’ personal information would have been breached compared to TAP’s as the attackers only accessed email accounts where select few passengers’ information is stored.

TAP Air Portugal Airbus Landing

Tap has not stated if it will offer identity protection services for its customers. Photo: Airbus

Following the infiltration, American hired an outside cybersecurity team to help with the situation. The airline offered identity protection to all passengers whose information was compromised. TAP has not stated whether it has provided any such services to its customers.

What do you think of TAP’s response to the attack? Let us know in the comments below.

Source: simpleflying.com

Napsat komentář

Vaše e-mailová adresa nebude zveřejněna.

You May Also Like

U.S. Air Force Marks 75 Years: 5 Things To Know

Seventy-five years ago and as the nation rebounded from World War II,…

EASA To Revise Helo EMS Operational Rules

EASA has issued a regulatory opinion to further boost helicopter emergency medical service (HEMS)…

Florida Airports Slowly Return to Normal

As the remnants of now-tropical storm Ian bring rain and winds to…

Gulfstream G700 and G800 Engines Earn EASA Certification

Gulfstream is showing major progress bringing its new G700 and ultralong-range Gulfstream…