Foxconn Confirms Cyberattack After Nitrogen Ransomware Gang Claim

HomeCyber Security Foxconn Confirms Cyberattack After Nitrogen Ransomware Gang Claim By Guru Baran May 13, 2026 Foxconn has officially confirmed a cyberattack targeting its North American operations after the Nitrogen ransomware gang publicly listed the company on its data leak site, claiming to have stolen a staggering 8 terabytes of sensitive data. The Nitrogen ransomware group made its move on Monday, posting Foxconn on its breach and extortion portal and asserting it had exfiltrated more than 11 million files from the company’s systems. The following day, Foxconn acknowledged the breach. “Some of Foxconn’s factories in North America suffered a cyberattack,” a company spokesperson confirmed to The Register. “The cybersecurity team immediately activated the response mechanism and implemented multiple operational measures to ensure the continuity of production and delivery.” Reports indicate the affected facilities include Foxconn’s plant in Mount Pleasant, Wisconsin, as well as a factory in Houston, Texas, with some staff temporarily forced to use pen and paper or stay home during the disruption. The Nitrogen gang claims the stolen data includes confidential instructions, internal project documentation, and technical drawings tied to projects at Intel, Apple, Google, Dell, and Nvidia. Nitrogen gang claim Analysis of publicly released sample files revealed financial documents connected to the Houston facility, along with circuit board layouts, temperature sensor data, and integrated circuit documentation. Critically, sample files also contained network topology maps for AMD, Intel, and Google projects, a detail that alarmed security analysts. “The real concern is that Google and Intel’s network topologies have been stolen. Because this is an architectural map of operational infrastructure, attackers could use this data to identify vulnerabilities in data centers around the world,” security analyst Mark Henderson warned. Despite Nitrogen’s claims that Apple project files were among the stolen data, AppleInsider reported that the available sample files do not appear to contain Apple circuit diagrams, product development documents, or quality control data, noting that Foxconn’s Mount Pleasant facility primarily manufactures televisions and data servers, not Apple devices. Nitrogen is a ransomware operation that has been active since 2023 and is believed to be built on leaked source code from the Conti 2 builder. The group is suspected of having links to the infamous ALPHV/BlackCat ransomware ecosystem and operates a double-extortion model — encrypting victim data while simultaneously threatening to publish it publicly. Foxconn stated that affected factories are currently resuming normal production, though the company declined to confirm whether any customer data was actually stolen. The incident marks at least the third time Foxconn has faced a major ransomware attack, underscoring persistent security vulnerabilities within global electronics supply chains. Follow us on Google News, LinkedIn, and X to Get More Instant Updates. Tags cyber security cyber security news data breach Copy URL Linkedin Twitter ReddIt Telegram Guru Baranhttps://cybersecuritynews.com Gurubaran KS is a cybersecurity analyst, and Journalist with a strong focus on emerging threats and digital defense strategies. He is the Co-Founder and Editor-in-Chief of Cyber Security News, where he leads editorial coverage on global cybersecurity developments. Trending News Taiwan High Speed Rail Hacked Using Radio Signal Spoofing Attack That Halted Three Trains Top 10 Best Interactive Malware Analysis Tools in 2026 New Stealthy Vidar Stealer Campaign Bypass EDR and Steal Credentials New FEMITBOT Network Uses Telegram Mini Apps to Push Crypto Fraud and Android Malware GhostLock Tool Leverages Windows API to Lock File Access Like Ransomware Latest News Cyber Security News ClickFix Evolves with 10-Year-Old Open-Source Python SOCKS5 Proxy Cyber Security News Critical SandboxJS Escape Vulnerability Enables Host Takeover Cyber Security News iOS 26.5 Brings End-to-end Encrypted RCS Messaging Between iPhone and Android Cyber Security News New Exim BDAT GnuTLS Vulnerability Enables Code Execution Attacks Cyber Security News Google Enhances Android Mobile Security with New AI-Powered Protections