Foxconn Confirms 8TB Data Theft in US Factory Ransomware Attack, Including Apple Information
Updated
Updated · Computerworld · May 13
Foxconn Confirms 8TB Data Theft in US Factory Ransomware Attack, Including Apple Information
15 articles · Updated · Computerworld · May 13
Foxconn said ransomware hit its US factories in recent days, after attackers claimed they stole 8TB of company data including confidential Apple information.
May 1 marked the attack’s detection: Foxconn’s network collapsed, Wi-Fi failed first, disruption spread to core plant infrastructure, and workers were told to shut down computers and not log back in.
Sample files released by the gang did not appear to contain Apple material, but the incident adds to earlier attacks on Foxconn facilities and subsidiaries.
Manufacturing has been the most targeted industry for four straight years, IBM said, while Dragos estimates 70% of ransomware attacks have affected the sector, where downtime pressure can increase leverage on victims.
The breach underscores rising supply-chain cyber risk for industrial groups and major customers such as Apple, as factories digitize faster than attackers are being contained.
With AI now accelerating cyberattacks, are traditional manufacturing security strategies already obsolete?
As cyberattacks disrupt global manufacturing, is the era of cost-driven supply chains officially over?
If hackers are stealing data for future quantum decryption, is any company's long-term intellectual property truly safe?
8TB Data Breach at Foxconn: May 2026 Ransomware Attack Reveals Manufacturing Sector Vulnerabilities
Overview
In May 2026, Foxconn’s North American factories were hit by a ransomware attack, highlighting the ongoing vulnerability of the manufacturing sector to cyber threats. This incident follows previous attacks on Foxconn by groups like LockBit and reflects a broader trend, as manufacturing remains a top target for ransomware. The Nitrogen ransomware group, active since 2023 and known for targeting manufacturing and technology companies, is believed to be involved. The attack used advanced encryption, risking sensitive data and causing operational disruptions. This pattern of repeated attacks underscores the urgent need for stronger cybersecurity across global supply chains.