Back

Foxconn Cyberattack: 8TB of Data Stolen by Nitrogen Ransomware Group

Severity: High (Score: 66.0)

Sources: Theregister, 9To5Mac, appleinsider.com, www.wired.com, www.tmj4.com

Summary

On May 1, 2026, Foxconn's Mount Pleasant facility in Wisconsin experienced a significant network outage, later confirmed to be due to a ransomware attack by the Nitrogen group. The attackers claim to have stolen 8 terabytes of data, including over 11 million files related to confidential projects from major companies like Apple, Intel, and Google. Although the ransomware group has posted sample files as proof, initial analyses suggest that no sensitive Apple design documents were compromised. Foxconn has acknowledged the attack and is working to restore operations, which have been disrupted for several days. The incident follows a series of cyberattacks targeting Foxconn facilities, raising concerns about the security of its supply chain. The attack method is believed to involve ransomware, with the potential for further exploitation of the stolen data. Foxconn's cybersecurity team has activated response measures to mitigate the impact of the breach. Key Points: • Nitrogen ransomware group claims to have stolen 8TB of data from Foxconn. • Foxconn's Mount Pleasant facility faced a network outage linked to the cyberattack. • No Apple-related sensitive data appears to have been compromised in the breach.

Key Entities

  • Data Breach (attack_type)
  • Ransomware (attack_type)
  • AMD (company)
  • Apple (company)
  • Banijay Group SAS (company)
  • Bretagne Télécom (company)
  • City Of Torrance (company)
  • China (country)
  • India (country)
  • Mexico (country)
  • Taiwan (country)
  • Manufacturing (industry)
  • Conti (ransomware_group)
  • Alphv (ransomware_group)
  • Lockbit (ransomware_group)
  • Nitrogen (ransomware_group)
  • Nitrogen Ransomware Gang (ransomware_group)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1486 - Data Encrypted for Impact (mitre_attack)
  • T1566.001 - Spearphishing Attachment (mitre_attack)
  • T1567 - Exfiltration Over Web Service (mitre_attack)
  • VMware ESXi (platform)
  • DoppelPaymer (malware)
  • Nitrogen ESXi Encryptor (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed