In October 2023, aerospace giant Boeing’s parts and distribution business suffered a severe cybersecurity breach. The infamous LockBit ransomware group claimed responsibility for the attack, alleging that they had exfiltrated a “tremendous amount” of sensitive data from Boeing’s systems.
The Boeing breach was originally posted on LockBit’s leak site October 27th. The group threatened to release this data publicly unless Boeing paid a ransom by November 2nd. Boeing refused to pay the ransom, and on November 10th, LockBit released its data. The leak included over 50 GB of compressed files, including sensitive data like backups, financial records, and employee information.
Later analysis revealed that LockBit exploited a vulnerability known as “CitrixBleed” (CVE-2023-4966) to steal session cookies from Boeing’s NetScaler device.
Download the whitepaper to read more.