A ransomware attack on Apple supplier Foxconn highlights the growing threat to global technology supply chains, with hackers claiming to have stolen 8 terabytes of sensitive data.
Back
Foxconn Confirms Cyberattack as Hackers Claim 8TB Data Haul
Apple Inc. supplier Hon Hai Precision Industry Co., known as Foxconn, confirmed its North American operations were hit by a ransomware attack, with the group responsible claiming to have stolen 8 terabytes of data. The attack, which began in early May, disrupted production at several facilities and raises concerns about the security of data from key clients including Apple, Google, and Nvidia.
"The cybersecurity team immediately activated the response mechanism and implemented multiple operational measures to ensure the continuity of production and delivery," a Foxconn spokesperson said in a statement. "The affected factories are currently resuming normal production."
The ransomware group Nitrogen claimed responsibility on Monday, stating it exfiltrated approximately 11 million files. The cyberattack caused a significant network outage at Foxconn’s plant in Mount Pleasant, Wisconsin, disrupting production for about a week and forcing employees to use paper timesheets. While Nitrogen claims the stolen data includes confidential files related to Apple, analysts who reviewed a sample found it primarily contained financial documents and network topology for projects involving AMD, Intel, and Google.
The breach underscores a persistent vulnerability in the global electronics supply chain, where even secure companies like Apple can be exposed through their partners. While analysts suggest the direct impact on Apple's unreleased product pipeline may be limited, the theft of network topology data for data center projects at Google and Intel could allow for the exploitation of critical infrastructure vulnerabilities.
A Familiar Target
This is not the first time Foxconn has been targeted by ransomware groups. The company suffered attacks from the LockBit group in 2022 and 2024, and a 2020 attack by the DoppelPaymer group on a Mexican facility came with a demand for 1,804 Bitcoin, worth about $34 million at the time. The incident is part of a broader trend of attacks targeting Apple's manufacturing partners, with assembler Luxshare facing similar breaches in recent months.
The Nitrogen Group
Experts believe the Nitrogen group, active since 2023, is an offshoot of the leaked Russian-based Conti 2 ransomware code. The group practices a double-extortion model, encrypting victim data while also threatening to publish it. However, research from cybersecurity firm Coveware in February indicated a programming error in Nitrogen's decryptor tool prevents it from successfully recovering files, potentially making any ransom payment futile for the victim. Apple has not commented on the incident.
This article is for informational purposes only and does not constitute investment advice.
[1] Apple Supplier Foxconn Hit With Ransomware Attack[2] Foxconn breach underscores rising cybersecurity threats facing Apple suppliers[3] FCC router ban faces supply chain strain and factory cyberattack[4] Ransomware gang claims theft of Apple files in Foxconn attack[5] Foxconn confirms cyberattack hit some North American factories — hackers say they stole 8TB of data
