Apple supplier Foxconn has confirmed a cyberattack that affected several of its factories in North America after the Nitrogen ransomware group claimed it stole confidential Apple-related files during the breach.
The ransomware gang said it took nearly 8TB of data containing more than 11 million files from Foxconn’s systems. According to the group, the stolen data includes internal project documents, technical drawings, and confidential instructions connected to companies such as Apple, Intel, Google, Dell, and Nvidia.
The Register reported Foxconn’s confirmation of the attack after the company acknowledged that “some of Foxconn’s factories in North America suffered a cyberattack.” Foxconn said its cybersecurity team activated emergency response measures immediately to protect operations and maintain production continuity. The company added that affected factories are now returning to normal production.
Foxconn did not confirm whether attackers actually accessed or stole customer data, including files connected to Apple projects. That detail remains unclear. However, the claims have raised concerns because Foxconn handles manufacturing for several major hardware companies, including Apple and Nvidia.
Nitrogen ransomware group claims massive data theft
Nitrogen has operated since 2023 and security researchers believe the group uses code linked to the leaked Conti 2 ransomware builder. The group mainly targets large enterprise systems and VMware ESXi environments.
Researchers at Coveware warned earlier this year that a flaw inside Nitrogen’s decryptor prevents victims from recovering encrypted files properly, even after paying ransom demands. That issue reportedly affects attacks involving VMware ESXi systems.
This is not the first ransomware incident involving Foxconn. The company previously faced attacks linked to the LockBit ransomware group in 2022 and 2024, including incidents involving Foxconn subsidiaries in Mexico and semiconductor operations within the Foxconn Technology Group.