Black Basta ransomware claimed responsibility, but the company says its investigation is ongoing.

Dark Reading Staff, Dark Reading

February 13, 2024

1 Min Read
A plane taking off at sunset
Source: Markus Mainka via Alamy Stock Photo

Commercial aircraft engine leasing concern Willis Lease Finance Corp. said a "cybersecurity incident" it suffered from Jan. 31 knocked its systems offline in a filing with the Securities and Exchange Commission.

The filing notes that unauthorized activity was discovered on the company's IT systems, which led to the launch of an investigation to assess the scope and nature of the cyber incident. 

This investigation remains ongoing and is being conducted alongside third-party cybersecurity experts; Willis has not identified who was behind the unauthorized activity at the time of its Feb. 9 filing.

But in early January, the Black Basta ransomware group allegedly claimed to have stolen data from the business and posted it on the group's leak blog.

The Black Basta group claims that it stole 910GB of company data related to the aviation company's customers, staff, and HR department, among other data types, and posted samples of documents online.

Willis said in its filing that it "is working diligently to respond to and address the issues posed by the incident," but it provided no further details and didn't say if any data has been compromised. 

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights