A huge hoard of Boeing data leaked by LockBit ransomware

News
By published

Negotiations between aero giant and hackers broke down

security
(Image credit: Shutterstock / binarydesign)

The operators of the LockBit ransomware have published 43GB of Boeing data after failing to negotiate ransom terms with the company.

The data seems to be backups from different company systems and includes configuration backups for IT management software and logs for monitoring and auditing tools. 

As reported by BleepingComputer, LockBit first added Boeing to its data leak site on October 27 and urged the company to reach out and negotiate a ransom payment by November 7.

Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Ignored warnings

“A tremendous amount of sensitive data was exfiltrated and ready to be published if Boeing do not contact within deadline,” the hackers warning read. “For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline.”

Soon after, Boeing disappeared from LockBit’s site,  which could mean that the company did try to come to an understanding with the attackers. However, come November 7, Boeing’s name was back. LockBit said its warnings were ignored:

“Boeing ignored our warnings. We will start to publish data,” the updated announcement reads. “In first batch we will publish just around 4GB of sample data (most recent).” That data had an October 22 timestamp, the publication explained. 

Three days later, the entire database leaked. Roughly 43GB of sensitive information, which included backups from Citrix appliances. This led some people to speculate that LockBit infiltrated Boeing by exploiting the CitrixBleed vulnerability, which was discovered roughly a month ago and was observed being abused in the wild. 

In fact, cybersecurity researchers from Mandiant recently reported that various government institutions, legal organizations, and other firms across the world were being targeted with ransomware via CitrixBleed. The campaigns allegedly started in late August this year. 

Boeing confirmed the breach but did not discuss the details. 

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Major ransomware attack sees Tata Technologies hit - 1.4TB dataset with over 730,000 files allegedly stolen
An American flag flying outside the US Capitol building against a blue sky
US military and defense contractors hit with Infostealer malware
Data leak
Hacked Tata Technologies data leaked by ransomware gang
Lock on Laptop Screen
Clop ransomware lists Cleo cyberattack victims
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
59 organizations reportedly victim to breaches caused by Cleo software bug
The International Civil Aviation Organization in Montreal, Canada
International Civil Aviation Organization investigating possible records data breach
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
Open AI
OpenAI live stream - could we see a major ChatGPT upgrade?
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
More about security
cybersecurity

Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak

A major Keenetic router data leak could put a million households at risk
HDD

Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
See more latest
Most Popular
HDD
Seagate teams with Nvidia to build an NVMe hard drive proof of concept, more than 3 years after its last effort
Open AI
OpenAI live stream - could we see a major ChatGPT upgrade?
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Sony WF-C710N in blue glass on beige background
Sony WF-C710 earbuds land, and I think they'll be the 2025 budget buds to beat
The RIG M2 Streamstar attached to a boom arm.
The RIG M2 Streamstar has the world's first Bluetooth audio gateway in a wired gaming microphone