Boeing data published by Lockbit hacking gang

Send a link to a friend  Share

[November 11, 2023]  By James Pearson
 
LONDON (Reuters) -Internal data from Boeing, one of the world's largest defense and space contractors, was published online on Friday by Lockbit, a cybercrime gang which extorts its victims by stealing and releasing data unless a ransom is paid. 

A Boeing logo is seen at the 54th International Paris Airshow at Le Bourget Airport near Paris, France, June 18, 2023. REUTERS/Benoit Tessier

The hackers in October said they had obtained "a tremendous amount" of sensitive data from the aerospace giant and would dump it online if Boeing didn't pay a ransom by Nov. 2.

According to a post on Lockbit's website, the data from Boeing was published in the early hours of Friday morning. The files, which Reuters has not independently verified, mostly date to late October.

In a statement, Boeing confirmed that "elements" of the company's parts and distribution business had experienced a cybersecurity incident.

“We are aware that, in connection with this incident, a criminal ransomware actor has released information it alleges to have taken from our systems," Boeing said. "We continue to investigate the incident and will remain in contact with law enforcement, regulatory authorities, and potentially impacted parties, as appropriate."

The company said it "remains confident" the event does not pose a threat to aircraft or flight safety, but declined to comment on whether defense or other sensitive data had been obtained by Lockbit.

Lockbit ransomware, first seen on Russian-language-based cybercrime forums in January 2020, has been detected all over the world, with organizations in the United States, India and Brazil among common targets, cybersecurity firm Trend Micro said last year.

It called the group "one of the most professional organized criminal gangs in the criminal underground".

The group has hit 1,700 U.S. organizations, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

On Thursday, the Industrial and Commercial Bank of China's (ICBC) U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market.

Several ransomware experts and analysts said Lockbit was believed to be behind the hack, although the gang's dark web page, where it typically posts names of its victims, did not mention ICBC.

(Reporting by James Pearson; additional reporting by Tim Hepher in Paris and Valerie Insinna in Washington; Editing by Kirsten Donovan, David Evans and Emelia Sithole-Matarise)

[© 2023 Thomson Reuters. All rights reserved.]
This material may not be published, broadcast, rewritten or redistributed.  Thompson Reuters is solely responsible for this content.

 

 

Back to top