BREAKINGVERIFIEDBy Xavier Rivera· ·2 min read
Foxconn Confirms Ransomware Attack on North American Factories
Foxconn confirms some of its North American factories suffered a cyberattack after Nitrogen claimed to steal 8TB of data including schematics from Apple and other customers. The incident is the latest in a series of ransomware attacks on the manufacturer though the affected plants are now resuming normal production.
Source:9to5Mac
TL;DRAI · 60 sec read
Foxconn acknowledges that some of its North American factories suffer a cyberattack in recent days. The confirmation follows the ransomware group Nitrogen claiming to have stolen 8 TB of data from the company, according to WIRED.
The ransomware group attempts to extort the electronics manufacturing giant Foxconn. It claims the stolen data includes schematics and project details from customers including Dell, Google, Apple, and Nvidia. Foxconn serves as one of Apple’s main manufacturing partners for the iPhone and other devices.
This is not the first ransomware incident involving Foxconn in recent years. In 2020 a Foxconn facility in Ciudad Juárez, Mexico encounters an attack that encrypts servers, steals data, and includes a bitcoin demand worth roughly $34.6 million at the time. The DoppelPaymer ransomware group demands 1,804 Bitcoin worth roughly $34 million at the time.
The LockBit group hits another Foxconn facility in Mexico in May 2022 and disrupts production. Most recently LockBit attacks a subsidiary called Foxsemicon Integrated Technology in 2024 with defacements and data breach claims.
The affected plants this time include the Mount Pleasant factory in Wisconsin and a facility in Houston, Texas. The outage first surfaces on Friday, May 1 when workers at the Mount Pleasant campus report a full network collapse. Wi-Fi is gone by 7:00 AM and the disruption spreads through core plant infrastructure.
One worker who asks not to be identified says they are told to turn off their computers and not log back in under any circumstances. The timecard terminals are dead. Workers fill out paper timesheets just to track their hours.
Nitrogen posts a set of sample files allegedly taken from Foxconn. Apple-related materials do not appear to be present in them. The Mount Pleasant facility primarily produces televisions and data servers rather than Apple devices.
Foxconn has not confirmed the scope of the incident. The company tells WIRED that the affected factories are currently resuming normal production.
The ransomware group attempts to extort the electronics manufacturing giant Foxconn. It claims the stolen data includes schematics and project details from customers including Dell, Google, Apple, and Nvidia. Foxconn serves as one of Apple’s main manufacturing partners for the iPhone and other devices.
This is not the first ransomware incident involving Foxconn in recent years. In 2020 a Foxconn facility in Ciudad Juárez, Mexico encounters an attack that encrypts servers, steals data, and includes a bitcoin demand worth roughly $34.6 million at the time. The DoppelPaymer ransomware group demands 1,804 Bitcoin worth roughly $34 million at the time.
The LockBit group hits another Foxconn facility in Mexico in May 2022 and disrupts production. Most recently LockBit attacks a subsidiary called Foxsemicon Integrated Technology in 2024 with defacements and data breach claims.
The affected plants this time include the Mount Pleasant factory in Wisconsin and a facility in Houston, Texas. The outage first surfaces on Friday, May 1 when workers at the Mount Pleasant campus report a full network collapse. Wi-Fi is gone by 7:00 AM and the disruption spreads through core plant infrastructure.
One worker who asks not to be identified says they are told to turn off their computers and not log back in under any circumstances. The timecard terminals are dead. Workers fill out paper timesheets just to track their hours.
Nitrogen posts a set of sample files allegedly taken from Foxconn. Apple-related materials do not appear to be present in them. The Mount Pleasant facility primarily produces televisions and data servers rather than Apple devices.
Foxconn has not confirmed the scope of the incident. The company tells WIRED that the affected factories are currently resuming normal production.
HELP US IMPROVE
Reader-supported
The Circuitry is a passion project I've always wanted to build, and I love the work behind it.
Running it costs real money. APIs, hosting, time. To keep improving the site and growing this into something useful for everyone, those costs have to be covered.
Any contribution is appreciated. If not, no pressure. Thanks for reading.