lockbit2 attacks Airbus Staff Council

Incident Date:

February 5, 2022

World map



lockbit2 attacks Airbus Staff Council


Airbus Staff Council




Georges Lequiem, France

Blagnac, France

First Reported

February 5, 2022

Airbus Staff Council Ransomware Attack

The LockBit2 ransomware group has claimed responsibility for an attack on the Airbus Staff Council, a key player in the manufacturing sector. This incident highlights the growing threat of cyber-attacks in strategic industries, including aviation, which are increasingly dependent on interconnected digital systems.

Overview of the Attack

The Airbus Staff Council, based in Blagnac, France, became a target of the LockBit2 ransomware group. Despite the lack of detailed public information about the organization's size or specific vulnerabilities, the manufacturing sector's significance is underscored by its substantial contribution to national output and employment. The Airbus Staff Council's website, while sparse on details about the attack, mentions the use of cookies for site functionality and analytics, a common practice that underscores the digital nature of modern organizations.

LockBit2, notorious for its cyber-attacks on various entities including the SolarWinds IT management platform and multiple NHS health systems, has now added the Airbus Staff Council to its list of victims. This incident is a stark reminder of the persistent threat posed by ransomware groups to critical sectors worldwide.

The Implications of the Attack

The manufacturing sector's increasing reliance on digital technology not only drives innovation but also elevates the risk of cyber-attacks. The attack on the Airbus Staff Council by the LockBit2 group is a clear indication of the cybersecurity challenges facing the industry. With the group threatening to release data captured during the attack, the incident underscores the urgent need for robust cybersecurity measures.

As of now, the Airbus Staff Council has not issued a public statement regarding the ransomware attack. This silence highlights a common dilemma faced by organizations post-breach: the balance between transparency and the risk of further exposure.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.