Home Ransomware attack on Boeing leads to major data leak by LockBit

Ransomware attack on Boeing leads to major data leak by LockBit

LockBit, a notorious ransomware group, has reportedly released all data stolen from Boeing in a recent ransomware attack. This follows Boeing’s apparent refusal to meet the ransomware group’s demands. The leaked data, amounting to approximately 50GB, was made public early Friday, consisting of compressed archives and backup files related to various systems.

Nature of the stolen data

Prior to this full release, LockBit had uploaded files allegedly linked to Boeing’s financial and marketing activities, as well as supplier details. The exposed data also includes Citrix logs, raising speculation that the ransomware group exploited the Citrix Bleed vulnerability to infiltrate Boeing’s systems. Boeing, however, has not confirmed the initial entry point used in the attack.

Independent verification of the data dump’s authenticity is pending, as reported by The Register. Boeing has remained tight-lipped about the specifics of the stolen files. In a statement, a Boeing spokesperson acknowledged a cybersecurity incident affecting the parts and distribution business. They emphasized ongoing investigations in collaboration with law enforcement and regulatory authorities, asserting that the incident poses no threat to aircraft or flight safety.

Security researcher Dominic Alvieri noted that the files include corporate emails, which could be particularly useful for malicious actors. “I haven’t gone over the whole data set but Boeing emails and a few others stand out as useful for those with malicious intent,” Alvieri told The Register.

Timeline of the cyberattack

LockBit first listed Boeing on its dark-web site on Oct. 28. Boeing confirmed an IT intrusion affecting its parts and distribution business to The Register on Nov. 2. Initially, Boeing was removed from LockBit’s leaks site amid purported negotiations, but it appears these discussions either failed or didn’t occur, leading to Boeing’s reappearance on the LockBit extortion website.

In a related development, China’s largest bank, ICBC, also fell victim to ransomware attacks this week, disrupting its financial services. LockBit claimed responsibility for this attack as well.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Maxwell Nelson
Tech Journalist

Maxwell Nelson, a seasoned journalist and content strategist, has contributed to industry-leading platforms, weaving complex narratives into insightful articles that resonate with a broad readership.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.