Hackers Claim $600M Lockheed Martin Data Haul on Dark Web, No Verification Yet

Hackers are advertising 375 terabytes of defense data allegedly belonging to Lockheed Martin for $600 million. The claim is currently causing a serious stir in cybersecurity circles online. However, no one has come clean about whether it’s true or not.

Details of the Data Dump

On March 26, a Telegram account linked to dark web marketplace Threat Market made a surprising post. It said a group calling itself “APT Iran” had contacted them asking for help selling a massive trove of data.

Threat Market didn’t just take the listing. It gave APT Iran direct access to its admin panel to manage the sale. The post also mentioned cryptocurrency mixers to handle payments. That’s a technique criminals use to make money trails nearly impossible to follow.

Three days later, on March 29, Threat Market officially listed the data for sale. The asking price for a full exclusive buyout? $598,500,000 just under $600 million. The total estimated value of the data sat at around $374 million.

The screenshots the hackers attached in their listings showed well laid out data categories. Internal project files, source code, and personnel records are part of the stolen data. The layout looked like a typical dark web sale page. However, no independent security researcher has verified what’s actually inside.

Here’s something worth knowing. Large data breach claims such as this pop up regularly on the dark web. Usually, sellers hype up the numbers to get the attention of buyers or the media. But a $600 million buyout price? That’s something no one has seen before on these markets.

These marketplaces often host a disturbing variety of illegal services, from stolen data to contract killing platforms, as German authorities recently demonstrated when they busted a dark web hitman service and arrested its operator.

A Second Iran-Linked Group Surfaces

Around the same time, one other group called Handala Hack Team surfaced. They published a separate message about Lockheed Martin employees on March 26.

This claim was different from Threat Market’s listing. Handala focused on personal data belonging to a small number of engineers tied to defense projects. The group claimed they got their hands on personal info.

They also said they’ve contacted a few of those individuals directly. Also, they issued threats and gave a 48-hour deadline, something to do with political demands.

Handala has made headlines recently. The group reportedly breached the personal Gmail account of FBI Director Kash Patel. It also targeted medical device company Stryker Corporation. So this isn’t a group to brush off lightly.

That said, there’s no clear connection between Handala’s claim and the 375TB listing on Threat Market. The data types are different, and the timing may simply be a coincidence.

Also, this isn’t the first data breach incident targeting Lockheed Martin. The pro-Russia group Killnet once claimed they stole Lockheed’s employee emails and phone numbers.

Implications of this Data Leak

The situation remains a mystery as Lockheed Martin has not said anything to confirm if they experienced any breach. No sample data from the 375TB listing has been authenticated by trusted security researchers.

That matters a lot. Without verified samples, this could be a scam designed to make money off fear and curiosity. Dark web sellers have pulled that move before. Nevertheless, a listing of this scale, with such a price tag, is not to be taken lightly. Both the company and the authorities need to look into it fast.

Lockheed Martin basically sits at the heart of national security with all the high-tech machines (fighter jets, missile systems, satellites) it manufactures. This company has its hands on blueprints, contracts, and other very sensitive information.

If any of that slips into the hands of terrorists and other malicious actors, the outcome will certainly not be nice. That’s why APT Iran’s claims are concerning. Moreover, the implications go far beyond just corporate security; it could be a global nightmare.

For now, nothing is certain. This story could get much bigger, fast when the verification surfaces.