Hackers are claiming to have stolen a trove of data belonging to Lockheed Martin, the world’s largest defense contractor and an American aerospace company. They are now selling it on the dark web.
The situation began on March 26, 2026, when a Telegram account linked to a dark web marketplace known as Threat Market, which posts in both Russian and English, claimed it had been approached by a group described as “APT IRAN.” According to the post, the group requested infrastructure support to sell what was described as 375 terabytes of data allegedly taken from Lockheed Martin.
The message further stated that direct access to the platform’s administrative panel had been granted to the APT IRAN group to facilitate the sale. It also referenced the use of cryptocurrency mixers to handle proceeds, a method often used to make payments harder to trace.
Three days later, on March 29, the same Telegram account announced that the entire 375TB of data was officially listed for sale. The listing advertised a “complete dump” with a stated value of roughly $374 million ($374,821,400) and an exclusive buyout price close to $600 million ($598,500,000).
Screenshots from the marketplace analysed by Hackread.com show categorized data segments, including references to internal projects, source code, and personnel-related information. The structure and presentation resemble typical dark web data sale pages, though authenticity remains unconfirmed.
It is worth noting that large breach claims involving hundreds of terabytes are not unusual on the dark web markets, where exaggerated figures are frequently used to attract buyers or media attention. However, a buyout price of $600 million is something never seen before.
Lockheed Martin Related Claims From Another Group
Around the same time, on March 26, 2026, a group calling itself Handala Hack Team, described as Iran-linked and recently in the news for breaching the personal Gmail account of Kash Patel, the FBI Director, and targeting Stryker Corporation, published a separate message referencing Lockheed Martin employees.
This was different from the Threat Market claim; this post focused on personal data of a limited number of individuals, specifically engineers allegedly connected to defense projects. The group claimed it had accessed detailed personal information and had contacted some of the individuals directly. It also issued threats and a 48-hour ultimatum tied to geopolitical demands.
There’s no clear link between this activity and the alleged 375TB data. The timing may just be coincidental, and the two claims seem to involve different kinds of data. However, this isn’t the first time a group has claimed access to Lockheed Martin employee data. In August 2022, the pro-Russia hacker group Killnet said it had obtained personal information, including employee email addresses and phone numbers.
At this point, the situation remains unclear. There is no public confirmation from Lockheed Martin regarding any breach of this nature, and no sample data has been verified by trusted security researchers.
Hackread.com has reached out to the company for comment.
