Privacy News Boeing assessing Lockbit hacking gang threat of sensitive data leak

Viking

Level 26
Thread author
Verified
Honorary Member
Top Poster
Well-known
Oct 2, 2011
1,532
SAN FRANCISCO, Oct 27 (Reuters) - Boeing Co (BA.N) said on Friday it was assessing a claim made by the Lockbit cybercrime gang that it had "a tremendous amount" of sensitive data stolen from the aerospace giant that it would dump online if Boeing didn't pay ransom by Nov. 2.

The hacking group posted a countdown clock on its data leak website with a message saying, "Sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline!"

"For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline," the hacking group said.

The hacking group typically deploys ransomware on a victim organization's system to lock it up and also steals sensitive data for extortion.

"We are assessing this claim,” a Boeing spokeswoman said by email.

Lockbit was the most active global ransomware group last year based on the number of victims it claimed on its data leak blog, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

The gang, whose eponymous ransomware was first seen on Russian-language-based cybercrime forums in January 2020, has made 1,700 attacks on U.S. organizations since then, CISA said in June.

Lockbit did not say how much data it allegedly stole from Boeing, or the amount of ransom demanded. Boeing didn't comment further.

The hacking gang also did not immediately respond to a request for comment sent on an address it mentioned on its data leak site.
 
Last edited by a moderator:

CyberTech

Level 44
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
The LockBit crew is claiming to have leaked all of the data it stole from Boeing late last month, after the passenger jet giant apparently refused to pay the ransom demand.

The gang dumped the files online early Friday morning. This latest leak includes about 50GB of data in the form of compressed archives and backup files for various systems.

The full release comes after the extortionists uploaded some files said to be related to company finances and marketing activities as well as supplier details.

Screenshots of the stolen info showed several Citrix logs, which has led to some speculation that LockBit exploited Citrix Bleed to break into the defense contractor's systems. Boeing has so far refused to comment on the initial point of entry into its systems.

Neither data dump has been verified by The Register, and Boeing declined to answer specific questions about the incident or the stolen files. A spokesperson sent us this comment via email:
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top