Foxconn, an Apple product assembly partner and one of the world's largest electronics contract manufacturers, suffered a hacker attack that resulted in the theft of 8TB of data, including over 11 million files.
Nitrogen, a cybercrime group that uses
Foxconn confirms cyberattack impacting operations
https://www.tmj4.com/news/local-news/in-your-community/milwaukee-county/foxconn-says-factories-have-resumed-normal-production-after-cyberattack
Foxconn Breach: Nitrogen Claims 8TB Theft from Wisconsin AI Plant | The CyberSec Guru
https://thecybersecguru.com/news/foxconn-wisconsin-breach-nitrogen-ransomware-8tb-data/
Hackers attack Foxconn again, Apple doesn't appear to be at risk
https://appleinsider.com/articles/26/05/12/hackers-attack-foxconn-again-apple-doesnt-appear-to-be-at-risk
Nitrogen has announced that it stole 8TB of data, including more than 11 million files, from Foxconn's systems. According to Nitrogen, the stolen data includes 'confidential instructions, diagrams, and other files from Intel, Apple, Google, Dell, NVIDIA, and many other projects.'
Nitrogen has released a collection of sample files as evidence that it infected Foxconn's systems with ransomware. Technology media outlet AppleInsider has not released links to the files allegedly stolen, but reports that 'analysis of the data samples stolen by Nitrogen revealed that it stole financial documents related to Foxconn's factory in Houston, Texas. Documents related to Foxconn's temperature sensors, integrated circuits, and circuit board layouts were also found.'
Furthermore, the publicly available sample files reportedly included many files related to network topologies for AMD, Intel, and Google projects, as well as files concerning server processors, sockets, and other components, and files related to Foxconn's electrical engineering team.
Foxconn has acknowledged that its Mount Pleasant, Wisconsin plant, which primarily manufactures televisions and data servers, was subjected to a cyberattack in May 2026. However, as mentioned earlier, the information stolen by Nitrogen included documents related to its Houston, Texas plant, and since each plant is protected by an internal VPN, it is highly likely that attacks were carried out on multiple plants to steal data.
However, in Apple's case, since the sample does not include any circuit diagrams, product development team documents, or quality control data, AppleInsider suggests that Apple is not concerned as much as it might think, as the Apple-related information is limited to what they obtained from emails and shared servers.
According to TMJ4, a local media outlet in Wisconsin, Foxconn's Mount Pleasant plant suffered network disruptions as a result of the cyberattack, halting production for about a week.
According to the security news site The Cybersec Guru, Foxconn's Mount Pleasant plant was subjected to a cyberattack around 7:00 AM on May 1, 2026, which resulted in Wi-Fi being cut off and disrupting the plant's core infrastructure until 11:00 AM. The Cybersec Guru reported that the effects of the cyberattack 'lasted until May 12.'
Security analyst Mark Henderson pointed out, 'The real concern is that Google and Intel's network topologies have been stolen. Because this is an architectural map of operational infrastructure, attackers could use this data to identify vulnerabilities in data centers around the world.'
Nitrogen, the group that launched this cyberattack, is a ransomware group that has been active since 2023. Nitrogen is suspected of being associated with ransomware known as 'Black Hat' and 'ALPHV,' and is known for its method of extorting victims after leaking stolen data.
Related Posts:
in Security, Posted by logu_ii