Back

Foxconn Cyberattack: Nitrogen Ransomware Claims 8TB of Data Theft

Severity: High (Score: 71.0)

Sources: Cybernews, Siliconrepublic, economictimes.indiatimes.com, Macrumors, Openthemagazine

Summary

Foxconn confirmed a cyberattack on its North American facilities, attributed to the Nitrogen ransomware group, which claims to have stolen 8 terabytes of data, including over 11 million files. The attack reportedly affected operations at the Mount Pleasant, Wisconsin, and Houston, Texas, facilities. Employees reported a complete network failure, leading to halted production and manual timekeeping. Although the attackers claimed to have stolen sensitive project documentation related to major clients like Apple, Intel, and Google, initial analyses suggest that no critical Apple-related files were included. Foxconn's cybersecurity team has activated response measures and is working to restore normal operations. The incident follows a series of previous ransomware attacks targeting Foxconn facilities. Key Points: • Nitrogen ransomware claims to have stolen 8TB of data from Foxconn, impacting multiple facilities. • The attack caused significant operational disruptions, with employees unable to access company systems. • Initial assessments indicate that no critical Apple-related files were compromised in the breach.

Key Entities

  • Data Breach (attack_type)
  • Ransomware (attack_type)
  • AMD (company)
  • Apple (company)
  • Banijay Group SAS (company)
  • Bretagne Télécom (company)
  • City Of Torrance (company)
  • China (country)
  • India (country)
  • Mexico (country)
  • Russia (country)
  • Taiwan (country)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • siliconrepublic.com (domain)
  • Construction (industry)
  • Financial (industry)
  • Manufacturing (industry)
  • Technology (industry)
  • Conti (ransomware_group)
  • Alphv (ransomware_group)
  • BlackCat (ransomware_group)
  • Conti 2 (ransomware_group)
  • Lockbit (ransomware_group)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1486 - Data Encrypted for Impact (mitre_attack)
  • T1566.001 - Spearphishing Attachment (mitre_attack)
  • T1567 - Exfiltration Over Web Service (mitre_attack)
  • ESXi (platform)
  • VMware ESXi (platform)
  • DoppelPaymer (malware)
  • ESXi Encryptor (tool)
  • Nitrogen ESXi Encryptor (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed