LockBit Ransomware Gang Exposes Boeing’s Data in Public Leak

LockBit Ransomware Boeing Data

The hacker group LockBit, specializing in ransomware, has published data belonging to the globally renowned aerospace company Boeing. This occurred after negotiations over a ransom failed to reach a successful conclusion.

The attack began on October 27, 2023, when hackers listed Boeing on their data leak website, giving the company until November 2 to contact them. On November 2, Boeing confirmed the cyberattack but did not specify whether it was a ransomware attack.

Subsequently, the group removed the mention of Boeing from their site, indicating that negotiations had commenced. However, on November 7, Boeing reappeared on the website with a message indicating that they were ignoring the warnings. As a result, the hackers published 4 GB of data as a sample and then released all the stolen data on November 10.

The leaked data included backup configurations of Boeing’s IT systems, audit, and monitoring logs, and backups of Citrix systems, leading to speculations about the potential exploitation of the Citrix Bleed vulnerability.

Boeing, one of the world’s leading manufacturers in the aerospace and defense industries, confirmed the breach and stated that an investigation is currently underway to determine the extent of the data leak. The company also assured that the incident does not threaten the safety of flights and the operation of aircraft.

Since 2020, the LockBit group has claimed responsibility for several major attacks, including on companies like DXC Technology, Accenture, and even the German government. According to CISA, since 2020, LockBit has attacked 1,700 companies in the US and has received approximately $91 million in ransoms.

Experts note that LockBit has become one of the most active groups this year. In 2022, there were 97 attacks by LockBit, and this year, the number has already risen to 122.

Boeing is currently investigating the incident and intends to take the necessary measures to protect its clients and data. Due to the incident, Boeing’s service website is temporarily inaccessible.