Internal data from Boeing, one of the world’s largest space and defense contractors, was published online Friday by Lockbit, a cybercriminal gang that extorts its victims by stealing and releasing data unless a ransom is paid.
In October, hackers said they had obtained “an enormous amount” of sensitive data from the aerospace giant and would post it online if Boeing did not pay the ransom by Nov. 2.
According to a post on Lockbit’s website, Boeing’s data was released in the early hours of Friday morning.
The files, which Reuters has not independently verified, mostly date from late October.
In a statement, Boeing confirmed that “elements” of the company’s parts and distribution business had experienced a cybersecurity incident.
“We are aware that in connection with this incident, a criminal ransomware actor has released information that they claim to have taken from our systems,” Boeing said. “We continue to investigate the incident and will remain in contact with law enforcement authorities, regulatory authorities and potentially affected parties as appropriate.”
The company said it “remains confident” that the event does not pose a threat to aircraft or flight safety, but declined to comment on whether Lockbit had obtained defense or other sensitive data.
Lockbit ransomware, first seen on Russian-language cybercrime forums in January 2020, has been detected around the world, with organizations in the United States, India and Brazil among common targets, cybersecurity firm Trend Micro said last year. .
He called the group “one of the most professional organized criminal gangs in the underground criminal world.”
The group has affected 1,700 US organizations, according to the US Cybersecurity and Infrastructure Security Agency (CISA).
On Thursday, the US subsidiary of the Industrial and Commercial Bank of China (ICBC) was hit by a ransomware attack that disrupted operations in the US Treasury market.
Several ransomware experts and analysts said Lockbit was believed to be behind the attack, although the gang’s dark web page, where it typically posts the names of its victims, did not mention ICBC.
