Security Experts:

Connect with us

Hi, what are you looking for?



Ransomware Group Claims Theft of Valuable SpaceX Data From Contractor

The LockBit ransomware group claims to have stolen valuable SpaceX data after breaching the systems of Maximum Industries.

The LockBit ransomware group claims to have stolen valuable SpaceX files after breaching the systems of piece part production company Maximum Industries.

The Texas-based Maximum Industries specializes in waterjet and laser cutting and CNC machining services, and advertises itself as a contract manufacturing facility. 

The LockBit hackers claim Elon Musk’s rocket and spacecraft maker SpaceX uses Maximum Industries services. They also claim that on Maximum Industries’ systems they found roughly 3,000 “drawings certified by space-x engineers”, which they plan on selling through an auction.

SpaceX ransomware

SecurityWeek has reached out to both SpaceX and Maximum Industries for comment, but none of them have responded. 

While Maximum Industries may have been hacked, it’s not uncommon for cybercrime groups to make exaggerated claims regarding the impact of their attacks or the value of the data they have obtained. 

The LockBit ransomware operation was launched in 2019 and it has been evolving ever since. The cybercriminals, believed to be operating out of Russia, exploit unpatched vulnerabilities, rely on insiders, or acquire access from specialized groups to gain access to victim systems. Once they have access, they collect valuable data, after which they deploy file-encrypting malware. 

For more than a year now, LockBit has been the most active ransomware operation. To date it has targeted well over 1,000 organizations, including major companies such as German car parts giant Continental.

Related: New ‘Exfiltrator-22’ Post-Exploitation Framework Linked to Former LockBit Affiliates

Related: Russian National Arrested in Canada Over LockBit Ransomware Attacks

Related: LockBit Ransomware Site Hit by DDoS Attack as Hackers Start Leaking Entrust Data

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


Dole was forced to shut down systems in North America due to a ransomware attack, which has reportedly led to salad shortages in some...


The City of Oakland has disclosed a ransomware attack that impacted several non-emergency systems.


The personal and health information of more than 3.3 million individuals was stolen in a ransomware attack at Regal Medical Group.


More than 3,800 servers around the world have been compromised in recent ESXiArgs ransomware attacks, which also include an improved process.