February 12, 2024 at 12:24PM
Willis Lease Finance Corporation disclosed a cybersecurity incident to US regulators after data was reportedly stolen and posted by the Black Basta ransomware group. The company took swift action, engaging third-party experts and informing law enforcement. While the extent of the breach is still being investigated, the group claimed to have stolen 910 GB of company data.
Summary of Meeting Notes:
Willis Lease Finance Corporation admitted to a cybersecurity incident resulting in data being posted to the Black Basta ransomware group’s leak blog. The company became aware of the potential breach on January 31 and swiftly launched an investigation with third-party experts. They have taken steps to contain, assess, and remediate the activity, and have informed law enforcement.
As a result of taking certain systems offline, the company has developed workarounds to continue operations and serve customers. The scope of the breach is still being determined, and the company is working to ascertain if any data was stolen or compromised. Black Basta claims to have stolen 910 GB of company data, including customer and staff information, non-disclosure agreements, passport scans, and more. Social security numbers and identity documents of company staff have been compromised, with evidence of matches mainly in the US and UK.
The company’s communications team has not responded to inquiries from El Reg. Willis Lease Finance Corporation has been in operation for over 45 years and is a major seller and lessor of jet engines to airlines worldwide.
Black Basta ransomware group, linked to the now-shuttered Conti group, is known for targeting major organizations and has reportedly netted more than $100 million from victims.