An 11-million-file ransomware claim has put Foxconn, the Taiwan-based electronics manufacturing giant, at the center of a supply-chain security scare.
The Nitrogen ransomware gang says it stole 8 TB of data from Foxconn, including files allegedly tied to projects from Apple, Nvidia, Google, Dell, and Intel. The claim has drawn attention because Foxconn sits deep inside the hardware supply chains of some of the world’s biggest tech companies.
Attention now turns to the files the hackers say they obtained.
The alleged Foxconn cache includes technical files
Nitrogen’s leak post states that the cache contains confidential instructions, project documentation, and technical drawings.
The ransomware.live screenshot below shows Foxconn listed on Nitrogen’s site with a “proof of leakage” area and sample thumbnails.
In a manufacturing breach, technical drawings and project documents can expose how components are built, tested, or integrated into customer products.
Factories were hit
Foxconn has confirmed that the incident affected some of its operations.
“Some of Foxconn’s factories in North America suffered a cyberattack,” a Foxconn spokesperson told The Register. “The cybersecurity team immediately activated the response mechanism and implemented multiple operational measures to ensure the continuity of production and delivery. The affected factories are currently resuming normal production.”
The company declined to confirm whether customer information was taken.
Who is Nitrogen?
Nitrogen has been active since 2023 and is part of the ransomware ecosystem that followed the leak of the Conti 2 builder, a codebase later reused by multiple criminal groups. By 2024, the hacking group had moved into direct extortion, claiming victims across sectors where stolen data can create pressure fast.
Recent activity tied to Nitrogen includes:
- SRP Federal Credit Union: The group claimed it stole 650GB of customer data after a breach affecting more than 240,000 people. SRP said its online banking and core processing systems were not affected.
- Red Barrels: The group was linked to an attack on the Canadian studio behind Outlast, where attackers reportedly claimed to have stolen 1.8TB of data, including source code, HR files, and game builds.
The hackers may also leave victims with fewer recovery options. Coveware researchers found that the group's VMware ESXi malware can corrupt files in a way even the attackers cannot reverse, making payment useless for victims without viable backups.
If the cache contains live project materials, the fallout could include counterfeit risk, competitive leakage, and new scrutiny of supplier data controls.