Skip to content
← CIO Briefings · High Impact ACTION REQUIRED

Foxconn Ransomware Attack: Apple, NVIDIA, and Intel Supply Chain Data Stolen in 8 TB Exfiltration

Foxconn, the world's largest electronics contract manufacturer, confirmed a ransomware attack on its North American factories that exfiltrated 8 TB of supply chain data including documentation for Apple, NVIDIA, and Intel products. Manufacturing disruptions affected multiple facilities. Customers with sensitive product data in Foxconn's systems should assess notification obligations and consider supply chain intelligence exposure.

3 min read
#NIS2#GDPR
Brief

What Happened

Foxconn Technology Group, which manufactures a significant proportion of the world’s consumer electronics and enterprise hardware, confirmed that its North American operations were struck by the Nitrogen ransomware group. Attackers gained access to Foxconn’s manufacturing systems, exfiltrated approximately 8 TB of data before deploying encryption, and disrupted production at multiple facilities in Texas and Wisconsin.

The stolen data reportedly includes supply chain documentation, component specifications, manufacturing quality records, and logistics information for major technology customers including Apple, NVIDIA, and Intel. Nitrogen’s double-extortion model means this data will be published if a ransom is not paid. Foxconn did not confirm whether ransom negotiations are under way.

Business Impact

For organisations with manufacturing relationships with Foxconn or other tier-1 electronics contract manufacturers, this incident raises three business concerns:

  1. Intellectual property exposure: Design specifications and manufacturing process documentation for products assembled by Foxconn may be in the exfiltrated data. This includes confidential hardware architecture details, component sourcing strategies, and quality test procedures.
  2. Supply chain disruption: Production disruption at Foxconn’s North American facilities may affect component and finished product delivery timelines for customers. Affected facilities include iPhone assembly support and data centre component manufacturing.
  3. Third-party breach notification obligations: Under GDPR, any personal data processed on behalf of Foxconn customers that is included in the exfiltrated dataset may trigger notification obligations. Customers should assess their data processor agreements with Foxconn.

Board-Ready Summary

  • A ransomware attack on the world’s largest electronics manufacturer has resulted in 8 TB of customer supply chain data being stolen and threatened for publication.
  • Any organisation that designs or manufactures products through Foxconn should assume its product specifications and manufacturing documentation may be included in the stolen data.
  • Confirm your organisation’s data processor agreements with Foxconn and assess whether a GDPR or NIS2 notification obligation is triggered.
  1. Immediate (0–24 hours): If your organisation has a manufacturing or supply chain relationship with Foxconn, contact your Foxconn account team to understand what data was in scope and whether your specific product data was in the exfiltrated systems.
  2. Short-term (this week): Assess GDPR notification obligations if any personal data processed through Foxconn is confirmed to be in the stolen dataset. Document the assessment and conclusion.
  3. Supply chain risk: Engage your supply chain team to assess whether Foxconn’s production disruption affects your product delivery timelines. Consider inventory buffers or alternative sourcing options for affected components.
  4. Third-party security requirements: Review whether your supplier security requirements with tier-1 contract manufacturers include mandatory breach notification timelines and security posture reporting.