Portuguese flag carrier airline.
In August 2022, the Ragnar Locker ransomware gang attacked TAP Air Portugal and exfiltrated customer data, later leaking it on a dark-web site. The exposed set covered over 5 million unique email addresses (about 6.1 million records) and included names, salutations, dates of birth, genders, nationalities, phone numbers, physical addresses, spoken languages, and frequent-flyer numbers.
ObscureIQ assessment: Exposure enables travel fraud, phishing, booking impersonation, and physical-world targeting. Itinerary and loyalty data can also reveal movement patterns and likely absence from home.
The rich identity set (name, DOB, nationality, address, phone) supports identity fraud and targeted phishing; the exposure of high-profile individuals including the Portuguese president heightens the targeting risk.
TAP Air Portugal is the flag carrier airline of Portugal, operating domestic and international flights and a frequent-flyer program.
Airlines collect passenger identity, contact details, booking records, payment-adjacent information, itinerary data, loyalty accounts, and customer-service interactions across travel operations.
TAP confirmed the cyberattack; the Ragnar Locker gang leaked the stolen data on its dark-web site, and among those affected were the Portuguese president and various government figures.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.
If you believe your information may be included:
In August 2022, the Ragnar Locker ransomware gang attacked TAP Air Portugal and exfiltrated customer data, later leaking it on a dark-web site. The exposed set covered over 5 million unique email addresses (about 6.1 million records) and included names, salutations, dates of birth, genders,…
Verified fields include Date of Birth, Email Address, Full Name, Gender, Nationality or Citizenship, Phone Number, Physical Address, Salutation, Spoken Language.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation