Pierluigi Paganini November 02, 2023

Boeing confirmed it is facing a cyber incident that hit its global services division, the company pointed out that flight safety isn’t affected.

The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors.

 In 2022, Boeing recorded $66.61 billion in sales, the aerospace giant has 156,000 (2022).

Last week, the Lockbit ransomware group added Boeing to the list of victims on its Tor leak site. The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it if Boeing does not contact them within the deadline (02 Nov, 2023 13:25:39 UTC). At the time of this writing, the group has yet to publish any samples.

“Boeing, the 60 billion Company, together with its subsidiaries, designs, develops, manufactures, sells, services, and supports commercial jetliners, military aircraft, satellites, missile defense, human space flight, and launch systems and services worldwide.” reads the message published by the group on its leak site.

“A tremendous amount of sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline! For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline.”

Today the company today confirmed that its services division was hit by a cyber attack, it also added that the investigation is still ongoing. The attack targeted elements of the parts and distribution business run by its global services division.

Boeing notifies law enforcement agencies and relevant regulatory authorities.

“We are actively investigating the incident and coordinating with law enforcement and regulatory authorities.” reads the statement released by the aerospace giant. “A cyber gang with Russian ties, known as Lockbit, claimed in a post on the dark web last week that it would start releasing “sensitive data” if the aerospace and defense giant didn’t meet a ransom demand by Nov. 2. But on Wednesday evening, there was no mention of Boeing on Lockbit’s leak website.”

At the time of this writing the entry for Boeing on the Lockbit’s Tor leak site was removed, a circumstance that could suggest an ongoing negotiation or an error by the attackers.

At this time the cybercrime gang has yet to publish the alleged stolen data.

In mid-October, the Lockbit ransomware gang claimed to have hacked the technology services giant CDW.

The LockBit ransomware gang demanded an $80 million ransom, but the group claims that the company only offered $1 million.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)