Portugal

The Ragnar Locker ransomware gang has claimed an attack on the flag carrier of Portugal, TAP Air Portugal. The airline disclosed this after its systems were hit on Thursday night. TAP initially said the attack was blocked. The company said it found no evidence indicating the attackers gained access to customer information stored on impacted servers.

In September the airlines told customers on Thursday that hackers had stolen some of their personal data and published it on the dark web. The state-owed airline said all payment details appeared to be safe.

The administration of the Port of Lisbon suffered a cyberattack over Christmas. The Portuguese authorities didn’t specify the nature of the attack or who was behind it. However, the LockBit ransomware gang uploaded Port of Lisbon to its leak site, a darknet website where cybercriminals announce their victims. The gang claims to have stolen all of the data available on the port’s systems. Threat actors intentionally publicize what data was stolen to force victims into paying the ransom. LockBit demands close to $1.5m to download or destroy the data.

Vodafone Portugal, one of the country’s top telecommunications companies, said Tuesday it suffered a cyberattack, while no confidential customer ended up compromised.
“A deliberate and malicious cyberattack aimed at causing damage and disruption” was underway, the company said.
The attack Feb. 7 affected the company’s 4G and 5G services, fixed line and SMS services, and digital and voice customer services, the company said.
The company hadn't received any ransom demand that would indicate it was hit by a ransomware attack. The CEO also said he had no indications the attackers had accessed subscriber information or other sensitive data. Specifics of the attack remain unknown.

10TB of sensitive data stolen and threatened to publish. Requested ransom of 1,580 BTC (Bitcoin – a value of €9.9MM)