The notorious LockBit ransomware gang has allegedly hacked a US manufacturing facility that produces parts for SpaceX projects – Maximum Industries. The threat operators claim they stole about 3,000 proprietary schematics or blueprints from the manufacturing company, possibly affecting SpaceX’s operations.
LockBit also threatened to leak the company’s stolen data if they failed to pay their ransom demands until March 20. According to a post from the threat group, they seem serious about selling the stolen data should the SpaceX contractors refuse to communicate with them.
Security researchers believe that even if the stolen data from Maximum Industries gets sold to other threat actors, it would be worthless as blueprints needed manufactured parts to be operable. Nonetheless, SpaceX’s reputation could be at stake as a data leak incident could attract the US government’s attention and deem them negligent with classified information.
It has yet to be verified whether the alleged stolen SpaceX data are legitimate.
Despite the ransomware gang claiming that the stolen proprietary schematics had been certified by engineers from the spacecraft giant, researchers have yet to uncover any solid proof that it is. As of this article, Maximum Industries have not commented on the security breach issue.
While this claim is yet another heavy assertion by the LockBit gang, researchers have been reluctant to believe them as some of their past alleged campaigns were never verified.
One of these claims from the gang is their purported hack against a fintech company called ION. In this issue, the group also threatened to leak their data should the company fail to comply until February 4. Until now, there is no proof that the company was hacked and nicked and no evidence that their data were leaked anywhere.
Another incident is the ransomware group’s claims of hacking into the UK’s Royal Mail’s systems. In a report, the mail service stated that they found no evidence that sensitive customer data were stolen from the hack. Meanwhile, LockBit said that they are leaking the data they robbed from the company since they refused to pay the ransom demands.
Despite the past unverified claims from LockBit, security experts are still warning companies and organisations to be extra cautious against cyberattacks and apply robust security measures within their infrastructure.
