Foxconn, a key contract manufacturer for the likes of Apple and Nvidia, has confirmed a cyberattack on its North American operations after the Nitrogen ransomware gang named the company on its data-leak site. A spokesperson told The Register that several of Foxconn's North American factories were hit, that its security team activated incident response, and that the affected plants are resuming normal production.
Nitrogen claimed it breached the Taiwan-based firm and stole 8 TB of data spanning more than 11 million files. The crew alleged the haul includes confidential instructions, internal project documentation, and technical drawings tied to work for Intel, Apple, Google, Dell, and Nvidia, among others. Foxconn declined to confirm whether any customer information was caught up in the intrusion.
Active since 2023, Nitrogen is believed to be one of several ransomware offshoots built from the leaked Conti 2 builder. In a twist that may not help its latest victim, researchers at Coveware warned in February that a programming error in the gang's decryptor — specifically the variant targeting VMware ESXi — can prevent file recovery even if a ransom is paid.
It is not the first time Foxconn has drawn ransomware attention. In 2024, LockBit claimed an attack on Foxsemicon Integrated Technology, a chip-equipment maker within the Foxconn group, and the same crew struck a Foxconn subsidiary in Mexico in 2022.