Boeing Co. confirmed that it is dealing with a “cyber incident” targeting parts of its spare parts sales and distribution business operated by its global services division.
Flight safety was not affected, Boeing said in an email statement on Wednesday, adding: “We are actively investigating the incident and coordinating our actions with law enforcement and regulatory authorities.”
Last week, a Russian-linked cyber gang known as LockBit claimed in a dark web post that it would begin publishing “confidential data” if the aerospace and defense giant did not meet its ransom demand by November 2. However, by Wednesday evening there was no mention of Boeing on LockBit’s website.
“When organizations are removed from leak sites, it often means either that the organization has paid the ransom, or that it has agreed to negotiate,” said Brett Callow, a threat analyst at Emsisoft. “The first is usually permanent, while the second may only be temporary.”
A Boeing spokesperson declined to comment on whether the American aircraft manufacturer had paid any ransom. The company is informing customers and suppliers about the cyberattack.
LockBit is one of the most well-known hacking groups, often using ransomware to lock victims’ files and then demanding payment for their release. More recently, hacking groups have been stealing documents and demanding payment to prevent their publication.
Boeing shares were little changed in after-hours trading.