Foxconn, known as the world’s largest electronics manufacturer, is in the process of restoring normal operations at some of its North American factories following a recent cyberattack.
With a workforce of over 900,000 employees spread across 240 campuses in 24 countries, Foxconn reported revenues exceeding $260 billion in 2025. The company holds the 28th position in the Fortune Global 500 list and is responsible for manufacturing a wide array of electronic products for tech giants like Apple, Nvidia, Intel, and Google.
The cyber incident was confirmed by a Foxconn spokesperson after claims made by the Nitrogen ransomware group surfaced, stating that they had accessed 8 TB of data and over 11 million documents.
“Some of Foxconn’s North American factories fell victim to a cyberattack,” the spokesperson informed BleepingComputer via email. “Our cybersecurity team swiftly initiated response protocols and implemented various measures to ensure the continuity of production and delivery. Affected factories are now returning to normal operational status.”
Nitrogen’s dark web leak site reveals that the stolen Foxconn documents include “confidential instructions, projects, and drawings” from major clients such as Apple, Intel, Google, Nvidia, and AMD.
The Nitrogen ransomware operation emerged in 2023 with a malware loader of the same name that deployed BlackCat/ALPHV ransomware. Subsequently, the group developed its own ransomware strain using leaked Conti 2 builder code. However, a coding error in the ESXi malware led to the encryption of files with the wrong public key, rendering them irreparably corrupted.
Although Nitrogen ransomware has not been highly active, it has steadily added numerous victims to its leak site since 2024.
This is not the first instance of Foxconn falling victim to ransomware attacks. The LockBit ransomware gang claimed responsibility for targeting Foxconn subsidiary Foxsemicon in January 2024 and a Foxconn production plant in Tijuana, Mexico, in late May 2022.
In December 2020, the DoppelPaymer ransomware operation also asserted its attack on Foxconn’s CTBG MX facility in Ciudad Juárez, demanding a $34 million ransom after allegedly exfiltrating 100GB of data, encrypting around 1,400 servers, and obliterating 20 to 30TB of backup data.
AI combined four zero-day vulnerabilities to create an exploit that circumvented both renderer and OS sandboxes, signaling a wave of impending exploits. Join the Autonomous Validation Summit on May 12 & 14 to witness how autonomous, context-rich validation identifies exploitable areas, validates controls, and completes the remediation process.
Claim Your Spot
EU Takes Action Against Instagram and Facebook for Violating Illegal Content Rules
Warning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
Facebook’s New Look: A Blend of Instagram’s Style
Facebook Compliance: ICE-tracking Page Removed After US Government Intervention
Facebook and Instagram to Reduce Personalized Ads for European Users
InstaDub: Meta’s AI Translation Tool for Instagram Videos
Reclaim Your Account: Facebook and Instagram Launch New Hub for Account Recovery
Meta discontinues Messenger apps for Windows and macOS
Subscribe to our weekly newsletter below and never miss the latest News or an exclusive offer.
