A major cybersecurity incident has reportedly impacted Lockheed Martin, one of the United States’ largest defense and aerospace firms with a significant global presence. According to statements from Flashpoint and Check Point Software, cited by Cybersecurity Drive, hackers are believed to have exfiltrated an enormous volume of data—estimated at over 375 terabytes—from the company’s systems.
The attack has been attributed to a group commonly referred to as APT Iran, a designation often used for advanced persistent threat actors suspected of operating with ties to Iranian interests. If confirmed, the scale and sensitivity of the breach could make it one of the most significant cyber espionage incidents involving a defense contractor in recent years.
What makes the situation even more alarming is the group’s reported strategy following the data breach. The attackers have allegedly issued a strict and limited window for negotiations, pressuring the company to respond quickly. At the same time, they are threatening to sell the stolen data to parties hostile to the United States if their demands are not met. Initial reports suggest that the group has floated a price of around $400 million for the data, raising serious concerns about national security implications.
Further claims circulating on messaging platforms linked to the group indicate that the stolen information may include highly sensitive materials, such as blueprints related to the F-35 fighter jet program. This aircraft, developed with cutting-edge stealth and combat capabilities, is a cornerstone of modern military operations. The possibility that such classified or proprietary data could be exposed or sold to adversaries adds a new layer of urgency to the situation, especially amid rising geopolitical tensions.
Meanwhile, Halcyon, a firm specializing in anti-ransomware solutions, has reported that the attackers may be seeking an even higher payout—potentially exceeding $600 million. This discrepancy in reported demands highlights the uncertainty surrounding the attackers’ intentions and the evolving nature of the negotiations.
Overall, the incident underscores the growing sophistication and boldness of state-linked cyber threat actors. It also serves as a stark reminder of the vulnerabilities faced by even the most advanced organizations, particularly those operating in critical sectors like defense and aerospace.
