Boeing Co announced on Friday that it is currently evaluating a claim made by the Lockbit cybercrime group, which asserts that it has obtained a significant volume of sensitive data from the aerospace giant. The group has threatened to release this information online unless Boeing pays a ransom by November 2.
To emphasize their ultimatum, the hackers displayed a countdown timer on their data leak website, accompanied by a message stating, "Sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline!"
The group conveyed that, for now, they will refrain from providing lists or samples of the data in order to safeguard the company. However, they asserted that this stance may change before the deadline arrives.
Lockbit typically deploys ransomware on an organization's system to encrypt it and also pilfers sensitive information as a means of extortion.
A spokesperson for Boeing stated, "We are assessing this claim" via email.
According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Lockbit was the most active ransomware group globally last year, based on the number of victims it claimed on its data leak blog.
The gang, known for its eponymous ransomware, which emerged on Russian-language cybercrime forums in January 2020, has reportedly conducted 1,700 attacks on U.S. organizations since then, as per CISA's report in June.
Lockbit did not disclose the volume of data it purportedly acquired from Boeing, nor did they reveal the ransom amount they are demanding. Boeing declined to provide further comments.
The hacking group has yet to respond to a request for comment sent to the address mentioned on their data leak site.