Foxconn confirms cyberattack on North American factories - Nitrogen ransomware crew claims 8 TB stolen including Apple, Intel, Google, Dell, and Nvidia project files

Foxconn confirmed Tuesday that a cyberattack hit several North American factories, with its Wisconsin Mount Pleasant facility halting production for a week starting May 1. Workers were told to power off computers and revert to paper timesheets. Nitrogen ransomware group claimed responsibility, posting 8 TB of stolen data covering 11 million files - allegedly including project documentation tied to Apple, Intel, Google, Dell, AMD, and Nvidia. Foxconn says production is resuming. This is the fourth ransomware attack on a Foxconn entity since 2020.

Check

If your organization is a Foxconn customer sharing technical documentation, audit which projects had files staged at the Mount Pleasant facility between January and May.

Affected

Foxconn customers with data at the Wisconsin facility - Apple, Intel, Google, Dell, AMD, Nvidia, Cisco, Microsoft. Acute: organizations whose chip architecture or data center topology documents were shared for server or AI infrastructure production.

Fix

Contact Foxconn directly to confirm what was exfiltrated. Treat any technical documentation shared with Mount Pleasant since 2024 as potentially exposed. Rotate credentials, API keys, or signing certificates Foxconn held.