Boeing said on Friday it was assessing a claim made by the Lockbit cybercrime gang that it had “a tremendous amount” of sensitive data stolen from the aerospace giant.
The gang also claimed that it would post the information online if Boeing didn’t pay ransom by 2 November.
The hacking group posted a countdown clock on its data leak website with a message saying, “Sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline!” “For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline,” the hacking group said.
The hacking group typically deploys ransomware on a victim organisation’s system to lock it up and also steals sensitive data for extortion.
“We are assessing this claim” a Boeing spokeswoman said.
Lockbit was the most active global ransomware group last year based on the number of victims it claimed on its data leak blog, according to the US Cybersecurity and Infrastructure Security Agency (CISA).
The gang, whose eponymous ransomware was first seen on Russian-language-based cybercrime forums in January 2020, has made 1,700 attacks on US organisations since then, CISA said in June.
Lockbit did not say how much data it allegedly stole from Boeing, or the amount of ransom demanded.