Apple supply and manufacturing partner Foxconn has had several of its US factories hit by a cyberattack. A ransomware group earlier this week claimed that the stolen files include confidential Apple project files.
The data heist was conducted by the Nitrogen hacking group, who claimed on its data leak site that it had kidnapped more than 11 million files totaling 8TB of data. In addition to Apple-related files, the bad actors claim to have stolen technical drawings and internal project documents related to the company’s other partners, including Dell, Intel, Nvidia, and Google.
The Register reports Foxconn did admit to the breach on Tuesday, although the company would not respond to the publicaton’s inquiries as to how much and what type of data was stolen.
“Some of Foxconn’s factories in North America suffered a cyberattack,” a Foxconn spokesperson told the publication. “The cybersecurity team immediately activated the response mechanism and implemented multiple operational measures to ensure the continuity of production and delivery. The affected factories are currently resuming normal production.”
Apple typically makes moves to lessen the impact of such cyberattacks on its partners, sharing only the minimum amount of information about a project needed for the partner to complete its role in the manufacturing process.
It should be noted that this isn’t the first time an Apple supply or assembly partner has been the target of a cyberattack. An Apple assembly partner in China was the target of attackers back in December 2025, and another partner, Luxshare, was hit by a similar attack in January 2026.
AppleInsider reports that it was able to get its hands on the sample provided by the group and says it included documentation related to Foxconn temperature sensors, integrated circuits, board layouts, and more, while also including financial data related to the company’s Houston, Texas, facility.
While the files the publication examined do not appear to include any documents related to Apple projects, the facility in question is not involved with any of Apple’s projects, instead producing primarily data servers and television
Unfortunately, even if Foxconn is willing to pay a ransom to recover its kidnapped data, it may not be able to recover it. Nitrogen is believed to be an offshoot of leaked Russia-based Conti 2 ransomware code, and researchers at Coveware in February warned that a bug in the group’s ESXi encryptor makes it impossible to recover files, even in cases where the ransom has been paid.
We don’t currently know the full scope of the cyberattack on Foxconn’s US facilities, or how much of Apple’s documents were taken in the datanapping. Mactrast will keep you posted if we learn anything more.
