Willis Lease Finance Corp., a commercial aircraft engine leasing company, said a “cybersecurity incident” on Jan. 31 knocked its systems offline. in a warehouse with the Securities and Exchange Commission.
The document notes that unauthorized activity was discovered on the company’s IT systems, leading to the launch of an investigation to assess the scope and nature of the cyber incident.
This investigation remains ongoing and is being conducted in conjunction with third-party cybersecurity experts; Willis did not identify who was behind the unauthorized activity when the complaint was filed Feb. 9.
But in early January, the Black Enough Ransomware group he allegedly claimed to have stolen data from the company and posted it on the group’s escape blog.
The Basta Neri group claims to have stolen 910 GB of corporate data relating to the airline’s customers, staff and human resources department, among other types of data, and posted samples of the documents online.
Willis said in its filing that it is “working diligently to respond to and address the issues posed by the incident,” but provided no further details and did not say whether any data was compromised.