Cl0p ransomware gang hits Aviation giant Bombardier, leaks sensitive data

The Cl0p ransomware gang has leaked sensitive data belonging to Bombardier on its official website on the dark web accessible through Tor.

Reportedly, the Cl0p ransomware gang leaked the data after the company refused to pay the ransom.

The Canada-based business and commercial aircraft manufacturer Bombardier has confirmed that it has become a victim of the devastating Accellion FTA cyberattack after its data appeared on a Dark Web website operated by the Cl0p ransomware gang.

However, the company claims that it was a limited breach where an unauthorized party extracted data after exploiting a third-party FTA vulnerability to gain access.

SEE: Clop ransomware gang leaks Jones Day law firm data on dark web

The company said its Accellion instance was operating through purpose-built servers isolated from its main network.

“The ongoing investigation indicates that the unauthorized access was limited solely to data stored on the specific servers. Manufacturing and customer support operations have not been impacted or interrupted,” Bombardier’s official statement read.

Accellion’s press release revealed that around 300 of its customers ran the FTA servers, out of which 100 were attacked and 25 suffered data theft. The attackers then started an extortion campaign asking the impacted organizations for ransom payments and threatened to leak the stolen data. That’s exactly what has happened with Bombardier.

Confidential Data Compromised

According to Bombardier, forensic analysis indicates that personal and confidential data relating to “employees, customers, and suppliers” was compromised.

Technical coordination memo leaked by Cl0p ransomware gang (Image:

Furthermore, around 130 employees in Costa Rica were affected. It also confirmed that the target wasn’t the specific target because it impacted multiple organizations that used the application.

“Bombardier has been proactively contacting customers and other external stakeholders whose data was potentially compromised.”

“Bombardier will continue to assess the situation and stay in close contact with its clients, suppliers, and employees, as well as other stakeholders,” the company stated.

SEE: Clop ransomware hits Software AG, demands $20 million+ ransom

Hackers Leaked Military Spy Plane Data on Dark Web

According to the reports, the attackers have leaked details of a military spy plane manufactured by Bombardier. It is believed that hackers leaked the company’s data on the Dark Web after Bombardier refused to pay the ransom.

One of the documents shows details on a military plane manufactured by Bombardier (Image:

The leak is posted on CL0P^_- LEAKS and shows the specs and mechanics for the “GlobalEye airborne early warning and control platform,” developed by a Swedish defense firm Saab.

Did you enjoy reading this article? Don’t forget to like our page on Facebook and follow us on Twitter

Related Posts