ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

TAP Air Portugal Data Breach

flytap.com
Significant exposure
Verified breach
Accounts exposed 6,083,479
Breach date 25 Aug 2022
Added to tracker 23 Sep 2022
Data classes 9

What happened

In August 2022, the Portuguese airline TAP Air Portugal was the target of a ransomware attack perpetrated by the Ragnar Locker gang who later leaked the compromised data via a public dark web site. Over 5M unique email addresses were exposed alongside other personal data including names, genders, DoBs, phone numbers and physical addresses.

Exposed data

Dates of birth Email addresses Genders Names Nationalities Phone numbers Physical addresses Salutations Spoken languages

Recommended actions

  • Watch for targeted phishing emails referencing TAP Air Portugal โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP