Apple Project Files Allegedly Stolen in Foxconn Ransomware Attack

[MacRumors]

Apple supplier Foxconn has confirmed a cyberattack on several of its U.S. factories, after a ransomware group claimed to have stolen confidential Apple project files as part of the hack.

The Nitrogen group posted the breach on its data leak site this week, claiming to have made off with 8TB of data spanning more than 11 million files. Alongside the allegedly stolen Apple files, Nitrogen claims the trove includes internal project documentation and technical drawings tied to Intel, Google, Dell, and Nvidia.

Foxconn confirmed the intrusion to The Register on Tuesday, but the supplier did not respond to questions regarding whether any customer data was actually taken. A company spokesperson said its cybersecurity team activated response measures to keep production running, and that all of its affected factories are resuming normal operations.

Foxconn assembles a wide range of Apple products, but Apple famously takes the secrecy of unreleased products extremely seriously, and suppliers typically receive only the technical information needed for their specific role in manufacturing.

Nitrogen is believed to be an offshoot of leaked Russia-based Conti 2 ransomware code. If so, though, the stolen files may be inaccessible. Researchers at Coveware warned in February that a bug in the group's ESXi encryptor makes file recovery impossible, even for victims who pay up.

It's not the first time Foxconn has been targeted by ransomware gangs. The manufacturer was previously hit by LockBit in 2022 and 2024.

Article Link: Apple Project Files Allegedly Stolen in Foxconn Ransomware Attack

 

[Trusteft]

You should always have the most important files and systems of yours, connected to the internet. Where is the fun if you don't?
Besides, ease of use and access trumps security/safety! Always!

 

[t0rqx]

just documentation of some five year-old products nothing new

 

[winxmac]

I'm expecting files related to iPhone XX to be part of the stolen information.

 

[wanha]

Foxconn refusing "to respond to questions regarding whether any customer data was actually taken" is itself the answer, since they would love nothing more than to announce that "no customer data was taken"

 

[Blackstick]

There’s nobody to sell these schematics to who could do anything with them. There’s 4 firms in the world capable of making products like this and they’re not gonna trade in stolen corporate secrets with the contracts they have.

Nevermind inevitably some are of the iPhone 7 or a 2015 Microsoft Surface, masterful stroke! Congrats you can make the frame of an iPhone XS, amazing!

It’s like stealing a $4 million MRI machine… there’s only 100 hospitals in the market and they’re not gonna buy from a rando in a van.

Honda Civics get vandalized because there’s a black market. Rolls Royce Wraith gets ignored because the 758 owners aren’t gonna look on eBay for a part.

 

[rikki_t]

Apple has some new ideas ?, when did this happen

 

[Wahlstrm]

Exposure management is important.
Patching and fixing misconfigurations etc isn’t optional anymore.

 

[PBG4 Dude]

There’s nobody to sell these schematics to who could do anything with them. There’s 4 firms in the world capable of making products like this and they’re not gonna trade in stolen corporate secrets with the contracts they have.

Nevermind inevitably some are of the iPhone 7 or a 2015 Microsoft Surface, masterful stroke! Congrats you can make the frame of an iPhone XS, amazing!

It’s like stealing a $4 million MRI machine… there’s only 100 hospitals in the market and they’re not gonna buy from a rando in a van.

Honda Civics get vandalized because there’s a black market. Rolls Royce Wraith gets ignored because the 758 owners aren’t gonna look on eBay for a part.

Like when someone stole the Coca Cola formula and tried to sell it to Pepsi.

The botched Coca-Cola heist of 2006

Twelve years ago, a disgruntled Coca-Cola employee tried to sell top-secret Coke documents to a Pepsi exec named "Jerry." But, Jerry wasn’t who he claimed to be — and sh*t was about to hit the fan...

thehustle.co

 

[Kr0019]

One of the files of Apple product schematics has just been released. Mind blowing.

 

[groove-agent]

Ooooh Foxconn is going to be in some hot water.

 

[svish]

Something should be done to improve security. Hopefully such problems do not recur.

 

[groove-agent]

One of the files of Apple product schematics has just been released. Mind blowing.

Is this the iFloat i've been hearing about on Macrumors? 😉

 

[Kr0019]

Is this the iFloat i've been hearing about on Macrumors? 😉

It was announced some time back, they’re just waiting for Apple Intelligence to be ready for implementation. 😉

 

[JosephAW]

Computers were probably still running Windows 10, they didn’t want Windows 11. 😵

 

[kushner]

There are far too few attacks like these! That is the only way for us, the people, to know the truths

 

[HouseLannister]

Every file just details a plan to take an existing number, add one, and create a misleading graph for a Keynote presentation showing how it is better. Weird.

 

[Earwolf]

Is this the iFloat i've been hearing about on Macrumors? 😉

The iTanic

 

[janwerbinski]

So they don't have 3-2-1 backup with offsite and offline copy? Ridiculous!

 

[TVreporter]

Hackers: Ugh what a waste of time...it's just details on a new Vision Pro.

 

[CarAnalogy]

Computers were probably still running Windows 10, they didn’t want Windows 11. 😵

It’s funny because it may or may not be true in this case but it’s definitely true in many places.

Still can’t believe Microsoft was allowed to use security patches as leverage like this.

 

[nt5672]

Foxconn refusing "to respond to questions regarding whether any customer data was actually taken" is itself the answer, since they would love nothing more than to announce that "no customer data was taken"

1. These announcement have legal and liability implications. So they are not going to respond until they are sure.
2. If you have ever participated in a post event triage of an event like this you'd know there are very many layers to unravel and this becomes really hard when the hackers are experienced enough to cover their tracks.

So any lack of Foxconn response details at this time are meaningless.

 

[MacGizmo]

There are far too few attacks like these! That is the only way for us, the people, to know the truths

The "truths?" Whats ares the truths?

I'm curious. What did you learn with this hack? What exactly did you learn that we didn't know before? What's the big coverup that you now know the truth about?

 

[trusso]

Wondering how deep the “Russia can do no wrong” tentacles extend inside readers’ psyches when it becomes a shibboleth for one’s worldview, innocuously subscribed to as part and parcel of other, shall we say, more domestic inclinations.

I work in a sensitive field. It amazes and concerns me how much the going wisdom is that our major adversary is China, when China continually shows that they are a rational actor that will behave in their own economic interest, which (by the way) precludes them from many of people’s worst fears.

Russia (okay, specifically the Kremlin) is the rouge nation that loves to watch the rest of the world burn. Heck, I’d love to be friends with them, but there’s a sickness in trying to bring everyone else down that inhibits any genuine partnership.

Russia: when Putin croaks, fight to put in a leader who gives a damn about you and the rest of the world.

Mods, if this is seen as too “political”, a simple message will suffice, instead of banning me for three whole weeks - again. 🙄 (Seriously. I’m not your enemy. We’re both adults, we can talk about things instead of making assumptions.)

 

[Win$ton l]

Hackers are like “Apple air power…what’s that?”