Dive Brief:
- Almost 45 gigabytes of data reportedly stolen from Boeing was leaked by the Russia-affiliated group claiming responsibility for a ransomware attack against the aircraft company.
- The leaked file names denote Citrix logs, email backups, provisioning services, audits and security controls dated as recently as Oct. 22, according to a screenshot posted by researchers on X, the site formerly known as Twitter.
- “We are aware that, in connection with this incident, a criminal ransomware actor has released information it alleges to have taken from our systems,” a Boeing spokesperson said via email. “We continue to investigate the incident and will remain in contact with law enforcement, regulatory authorities, and potentially impacted parties, as appropriate. We remain confident this incident poses no threat to aircraft or flight safety,” the spokesperson said.
Dive Insight:
LockBit, the prolific ransomware group that initially claimed responsibility for the attack on Oct. 27, published the allegedly stolen files on Friday. Boeing first confirmed it was responding to a cyberattack impacting its parts and distribution business on Nov. 2.
The aerospace and defense company did not answer questions about the type and potential sensitivity of the files leaked or how the threat actor gained access to its systems.
Some parts of Boeing’s global services site remain down.
Boeing has yet to file a disclosure about the incident with the Securities and Exchange Commission.
LockBit and its affiliates have claimed responsibility for multiple high-profile attacks of late, including one on a U.S. subsidiary of China’s largest bank last week and exploits of a critical vulnerability in Citrix devices.
The threat group is responsible for about 1,700 ransomware attacks against U.S. organizations and has received about $91 million in ransoms since early 2020, according to a joint cybersecurity advisory published in June by the Cybersecurity and Infrastructure Security Agency and other cyber authorities.