FEAM Aero reportedly hit by ransomware


Feam Aero, the global aircraft maintenance and technical services company, has been claimed by the BlackCat – also known as ALPHV – ransomware gang.

The Russian-linked hacker collective posted the company’ on its dark leak site Tuesday, stating it had stolen troves of sensitive data in the hack.

The ransom group threatened to begin releasing parts of the cache in the next 48 hours.

“FEAM has been hacked. All critical company and customer data was stolen,” it said.

FEAM Aero LockBit
LockBit leak site

FEAM is one the largest MRO (Maintenance, Repair, Overhaul) companies in the US, providing line maintenance and A-check services at 52 maintenance bases around the world, according to its website.

The FAA-certified company works with dozens of commercial and cargo airlines, from Amazon and DHL to Air France and Singapore Airlines.

FEAM employs over 1500 aviation professionals, including engineers, mechanics, and technicians that service both domestic and international aircraft, including numerous Airbus, Boeing, Embraer, De Havilland, and Mitsubishi models.

BlackCat did not post the amount of data it had but did provide a sample of 67 files - including several US passports, social security cards, mechanics licenses, third-party disclosures, company credit card statements, and insurance records.

The hacker group posted it was able to exploit multiple vulnerabilities in FEAMs network, and said it plans to use the sensitive customer data for criminal purposes.

It warned that “numerous customers of the company have been accessed they will be attacked soon.”

FEAM LockBit samples
LockBit leak site

The ransomware group claims they have obtained numerous documents such as:

  • Customer and partner engineering projects
  • Financial and banking records
  • Insurance information of partners and customers
  • Confidential and NDA contracts
  • Secret documents and drawings
  • Information about the company's business processes
  • Internal company and management correspondence
  • HR documents
  • Databases
  • Engineering system baselines

Headquartered in Miami, FEAM is installed at dozens of major airports spanning the US and Europe, including locations in Tel Aviv, Egypt, Georgia, and Algeria.

Cybernews has reached out to the company and is awaiting a response.