Foxconn Factories Hit by Ransomware: 8 TB of Sensitive Files Potentially Stolen

After several days of network outage at Foxconn's U.S. manufacturing sites, the Nitrogen ransomware group posted on a dark‑web blog that it had stolen more than 8 TB of data, roughly 11 million files, containing confidential specifications, project documents and schematics for customers such as Google, Intel, Apple, Dell and Nvidia.

Security researchers examined the data samples posted by the attackers, noting screenshots of hardware component specifications, circuit diagrams, investment documents and financial operation records. They confirmed that some samples matched the claim of Google‑related components, but found no evidence supporting the alleged leaks of Apple, Dell or Nvidia information.

The analysts warned that, if verified, the breach could severely affect Foxconn’s customers, as the leaked schematics and component details might be exploited to develop zero‑day vulnerabilities or be used by counterfeiters.

Foxconn acknowledged the cyber incident, stating that technical problems in its IT systems disrupted operations and that its security team had activated an emergency response to restore production and ensure data safety. The company did not comment on the Nitrogen accusations or confirm a direct link between the outage and the ransomware claim.

Nitrogen, first identified in 2023, operates as a ransomware‑as‑a‑service (RaaS) group employing a double‑extortion model that encrypts victim systems while exfiltrating data for ransom. Researchers suspect the group has ties to Eastern‑European operators and may be associated with the notorious BlackHat/ALPHV ransomware family.