Lockheed Martin was the target of an attack by an alleged pro-Iran hacktivist, which claims to have a large trove of data that it is threatening to sell on the dark web, Cybersecurity Dive has learned. 

The threat actor, tracked as APT Iran, claims to have stolen 375 terabytes of data from the aerospace and defense industry company, according to information from multiple security researchers, including Flashpoint and Check Point Software. 

The group claims to have copies of blueprints of F-35 aircraft, which is America’s most advanced jet fighter, and other corporate information, according to Flashpoint. 

The group has since posted additional claims demanding more than $400 million in return for not selling the information to adversaries of the U.S., according to information from Halcyon. 

The threats are posted on Telegram, a social media network often used by threat groups to communicate with each other and post evidence of malicious activity. 

A spokesperson for Lockheed Martin said the company is knows of the alleged claims. 

“We are aware of the reports and have policies and procedures in place to mitigate cyber threats to our business,” the spokesperson told Cybersecurity Dive via email. “We remain confident in the integrity of our robust, multilayered information systems and data security.” 

APT Iran is a hacktivist collective organization that previously claimed credit for attacks against critical infrastructure in Jordan, according to Palo Alto Networks.