LockBit releases stolen Boeing files after the company failed to pay ransom
According to a tweet from MalwareHunterTeam, ransomware group LockBit has leaked online files that were allegedly stolen from Boeing systems.
News of a data breach involving the aircraft company first broke out on October 28 after LockBit listed Boeing on its dark web site. Boeing confirmed the breach on November 2, but by then LockBit had delisted the company from its site saying they were negotiating.
Well, the negotiations fell apart since Boeing is back on the leak site. Perhaps in an attempt to rattle the American multinational corporation, the hackers first released data said to be related to company finances, marketing activities, and supplier details. When that didn’t work they released all the stolen files.
Tech News Hub has not yet verified the breached data, but according to security researcher Dominic Alvieri, the leaked files contained corporate emails.
“I haven't gone over the whole data set but Boeing emails and a few others stand out as useful for those with malicious intent,” Alvieri said.
On its part, Boeing did not confirm nor deny ownership of the data. The company said it was working with the relevant authorities and it was confident that the security incident does not pose any threat to aircraft or flight safety.
“Elements of Boeing's parts and distribution business recently experienced a cybersecurity incident. We are aware that, in connection with this incident, a criminal ransomware actor has released information it alleges to have taken from our systems. We continue to investigate the incident and will remain in contact with law enforcement, regulatory authorities and potentially impacted parties,” a company spokesperson wrote.
It’s still unclear what attack surface the hackers used to gain entry into Boeing systems. However, in some screenshots of the stolen data, several Citrix logs were observed leading security experts to speculate that LockBit exploited a Citrix bleed.
In other news, China's largest bank, ICBC, was also hit by a ransomware attack last week and LockBit is taking responsibility for the attack.