Boeing Co. confirmed it is dealing with a “cyber incident” that targeted elements of the parts and distribution business run by its global services division.
Flight safety isn’t affected, Boeing said in an emailed statement Wednesday, adding, “We are actively investigating the incident and coordinating with law enforcement and regulatory authorities.”
A cyber gang with Russian ties, known as Lockbit, claimed in a post on the dark web last week that it would start releasing “sensitive data” if the aerospace and defense giant didn’t meet a ransom demand by Nov. 2. But on Wednesday evening, there was no mention of Boeing on Lockbit’s leak website.
“When organizations are removed from leak sites, it often means either that the organization has paid the ransom or that it’s agreed to negotiate,” said Brett Callow, threat analyst at Emsisoft. “The former is usually permanent whereas the latter may only be temporary.”
A Boeing spokeswoman declined to comment on whether the US planemaker paid any ransom. The company is notifying customers and suppliers of the cyberattack.
Lockbit is among the most notorious hacking gangs, often deploying ransom ware to lock up victim’s files and then demanding a payment to unlock them. More recently, hacking gangs have been stealing documents and demanding payment to not release them publicly.
Boeing shares were little changed in extended trading.
See more: Boeing Says It’s Assessing Data Dump Threat From Cyber Gang
(Updates with details of ransom demand, analyst’s comment)