As of May 13, 2026, Foxconn confirmed that a cyberattack by the Nitrogen ransomware group targeted its North American factories, causing disruptions. The attackers claimed to have stolen 8 terabytes of data, potentially affecting confidential documents from clients like Apple, Nvidia, and Google.
Key Details of the Incident:
- Targeted Facilities: The attack hit multiple North American locations, including facilities in Wisconsin, Ohio, Texas, Virginia, and Mexico.
- Attackers & Impact: The “Nitrogen” ransomware group claimed responsibility. Some operations were forced to switch to manual procedures, such as using paper timecards.
- Data Breach Claims: Attackers allege they stole 8 terabytes (approx. 11 million files), which supposedly include sensitive technical drawings, internal project documentation, and server topology for major clients.
- Response: Foxconn confirmed the breach on May 12–13, 2026, stating that cybersecurity measures were activated, and affected factories are in the process of resuming normal production.
- Ransomware Characteristics: The Nitrogen group, known to use a double-extortion model, may have a flawed encryptor, making file recovery impossible even if a ransom is paid, according to threat intelligence reports.
Foxconn has not officially disclosed the exact nature of the stolen data or whether a ransom will be paid. The company has previously faced similar cybersecurity challenges. [1, 2]
