Willis Lease Finance Corporation admitted that some internal processes have required workarounds to be developed so that it can continue to operate and service customers, without providing any specifics about what those workarounds entail.
As is often the case with early-stage ransomware disclosures, the company appears to be reluctant to mention “Ransomware” or even “Attack” in its wording.
The ransomware group claims to have stolen 910 GB worth of company data relating to customers, staff, HR, non-disclosure agreements, and more.
Black Basta posted a sample of documents online, including a screenshot of the file trees its affiliate claims to have accessed, as well as various HR documents that revealed the social security numbers of what appear to be company staff across various divisions and seniority levels.
Willis Lease Finance has been in operation for more than 45 years and claims to be one of the longest-standing independent sellers and lessors of jet engines to major airlines in the world.
Black Basta is one of the most dangerous ransomware operations in the cybercrime world and has claimed attacks on major organizations such as Capita and more recently the UK’s Southern Water.
