Aerospace giant Boeing has confirmed that it was recently hit by a cyberattack, after a notorious ransomware group claimed to have breached the company’s systems.
After the LockBit ransomware group listed the company on its leak website, claiming to have stolen “a tremendous amount of sensitive data”, Boeing said it had launched an investigation.
The cybercriminals later removed any mention of Boeing from their website, telling the cybersecurity research and threat intelligence organization VX-Underground that negotiations have started.
Lockbit representatives also told VX-Underground that a zero-day vulnerability was exploited by affiliates to gain access to Boeing systems.
“We are aware of a cyber incident impacting elements of our parts and distribution business,” Boeing told SecurityWeek on Wednesday, pointing out that flight safety is not affected by the incident.
“We are actively investigating the incident and coordinating with law enforcement and regulatory authorities. We are notifying our customers and suppliers,” the company added.
LockBit has been one of the most active ransomware groups, targeting organizations in a wide range of sectors, including critical infrastructure.
From US organizations alone, they received $91 million in ransom payments, according to a report authored earlier this year by several government agencies in North America, Europe, and Australasia.