Foxconn North American Facilities Hit by Major Ransomware Attack
- Foxconn confirmed a ransomware attack by the 'Nitrogen' group, which claims to have stolen 8TB of data from its North American factories.
- The breach caused a total network collapse at the Mount Pleasant, Wisconsin facility, forcing staff to rely on manual, paper-based operations.
- While the attackers claim to hold sensitive data from major tech partners, there is no current evidence suggesting Apple-specific project files were compromised in this incident.
Supply Chain Security Under Fire: Foxconn Confirms Cybersecurity Breach
Manufacturing giant Foxconn, a cornerstone of the global electronics supply chain, has officially confirmed that several of its North American factories were the targets of a significant cyberattack. The incident, which has sent ripples through the tech industry, was orchestrated by a ransomware syndicate known as Nitrogen, which claims to have exfiltrated a massive 8TB of sensitive corporate data.
The Scope of the Disruption
Reports indicate that the breach first manifested as a systemic network collapse on May 1 at the company’s Mount Pleasant, Wisconsin, facility. Employees on the ground described an immediate shutdown of core infrastructure, including Wi-Fi connectivity and internal computer systems. Operations were forced to pivot to manual record-keeping as digital timecard terminals were rendered inoperable.
Further investigation suggests that the impact was not confined to Wisconsin. Facilities in Houston, Texas, have also reportedly been affected by the intrusion. While Foxconn has refrained from disclosing the full extent of the compromised data, it confirmed in a statement that affected plants are currently working to resume normal production schedules.
What Was Stolen?
The Nitrogen ransomware group alleges that the stolen 8TB haul includes critical schematics, project details, and proprietary data from industry titans, including Dell, Google, and Nvidia. Interestingly, while there are fears regarding Apple-related intellectual property, initial samples released by the attackers do not appear to contain direct data on upcoming Apple projects. This is likely due to the fact that the targeted facilities specialize in data servers and television manufacturing rather than mobile device production.
A Pattern of Vulnerability
This latest attack marks a concerning trend for Foxconn, which has become an increasingly high-profile target for extortionist groups over the last several years:
- 2020: A facility in Ciudad Juárez, Mexico, was hit by the DoppelPaymer group, leading to a ransom demand of roughly $34 million in Bitcoin.
- 2022: The LockBit group successfully targeted another Mexican facility, leading to significant production downtime.
- 2024: Foxsemicon Integrated Technology, a Foxconn subsidiary, suffered a breach that involved widespread website defacement and claims of data theft.
As cyber-extortion groups evolve their tactics, the incident serves as a stark reminder of the fragile nature of global manufacturing logistics. For now, the industry awaits further clarity on whether the leaked data poses a broader threat to the corporate security of Foxconn’s diverse portfolio of high-tech partners.
