It’s been a bit quiet on the LockBit front for a while – They have claimed a number of scalps in the last 2 months or so, but nothing on the scale of previous victims. That all changed on Friday.
On Friday, LockBit posted to their dark web leak site that they had managed to compromise Boeing and state that they had stolen a “tremendous amount of sensitive data”.
In an unusual turn of events, the gang say that they will not send any lists or samples of the stolen data to protect the company, but also that the deadline for payment is not the typical 10+ days, but a reduced timeline of 6 days.
Earlier this year, I posted about LockBit’s proposed changes to their ransom payouts to affiliates. It is currently not known what option was chosen of those on offer, but if the offer of 3% of the victims annual turnover was the most popular choice, then Boeing are looking at a ransom of almost $2B.
The company posted an annual revenue of $66.6 B in 2022
Over the coming days, it is expected that Boeing will make an official statement as to the attack, but as of Friday, all they said was that they are investigating claims of the breach.
Lockbit state that an affiliate managed to gain access to Boeing via a 0-day exploit.
