Apple supplier Foxconn confirms ransomware attack affected North American factories
Source: 9to5Mac
Overview
Foxconn, one of Apple’s primary manufacturing partners, confirmed that several of its North American factories suffered a cyber‑attack in early May. The ransomware group Nitrogen claimed to have stolen 8 TB of data, including schematics and project details for customers such as Dell, Google, Apple, and Nvidia.
Details of the attack
-
Timeline – The outage first surfaced on Friday, May 1, when workers at Foxconn’s Mount Pleasant, Wisconsin campus reported a complete network collapse. Wi‑Fi was down by 7:00 AM, and by 11:00 AM the disruption had spread to core plant infrastructure. Employees were instructed to power down their computers and resort to paper timesheets.
-
Affected facilities – According to reports from The Cybersec Guru (citing AppleInsider), the Mount Pleasant, WI factory was impacted, and a separate Foxconn facility in Houston, Texas also experienced disruptions.
-
Data leaked – Nitrogen posted a sample of the stolen files, but none appear to contain Apple‑related material. The Mount Pleasant plant primarily manufactures televisions and data servers rather than Apple devices.
Historical context
Foxconn has been targeted by ransomware groups multiple times:
| Year | Incident | Ransom demand / Impact |
|---|---|---|
| 2020 | Ransomware attack on a facility in Ciudad Juárez, Mexico | ~34 million USD (Bitcoin) demand; servers encrypted, data stolen |
| 2020 (Dec) | DoppelPaymer ransomware on a Mexican plant | 1,804 BTC (≈ 34 million USD) demanded |
| 2022 (May) | LockBit ransomware on a Mexican facility | Production disrupted |
| 2024 | LockBit attack on subsidiary Foxsemicon Integrated Technology | Defacements and data breach claims |
Foxconn has not disclosed the full scope of the current incident but told WIRED that the affected factories are “currently resuming normal production.”