Algo v0.31
Substrate
technology

Ransomware Group Claims Theft of 8 TB of Data From Foxconn

A ransomware group known as Nitrogen listed Foxconn on its breach site on Monday and said it stole 8 TB of data including schematics and project details from customers such as Dell, Google, Apple and Nvidia. Foxconn acknowledged a cyberattack on some North American factories and said affected sites are resuming normal production.

Wired
itsecuritynews.info
2 sources·May 12, 9:52 PM(16 days ago)·2m read|
Ransomware Group Claims Theft of 8 TB of Data From FoxconnWired
Audio version
Tap play to generate a narrated version.
Developing·Limited corroboration so far. This page will refresh as more sources emerge.

A ransomware group is attempting to extort the electronics manufacturing giant Foxconn, stating that it stole 8 TB of data from the company, including schematics and project details from customers including Dell, Google, Apple, and Nvidia. Foxconn did not immediately respond to a request for comment about the validity of the claims.

The company acknowledged that some of its North American factories suffered a cyberattack in recent days. Affected factories are currently resuming normal production after outages. Foxconn serves as a key manufacturing contractor for electronic components or entire devices.

It holds its own intellectual property as well as that of its customers. The scale of its operations and the sensitive data it maintains make it a frequent target for ransomware and data extortion actors.

The company has faced a number of extortion attempts in recent years. The LockBit group hit another Foxconn facility in Mexico in May 2022 and disrupted production. Most recently, LockBit attacked a subsidiary called Foxsemicon Integrated Technology in 2024 with defacements and data breach claims.

Nitrogen, the group behind the latest incident, emerged in 2023. It has been steadily active with some spikes, including at the end of 2024, and has connections to the ALPHV/BlackCat ransomware group.

In addition to attempting to extort victims by threatening to release stolen data, Nitrogen often deploys traditional ransomware that encrypts a target's systems. Researchers say that the group's ransomware program was built off of widely repurposed Conti 2 code.

The encrypting mechanism has a design flaw that makes it impossible to decrypt data once it has been encrypted. It is unclear if this flaw is a factor in Foxconn's incident response this week. Ransomware and data extortion remain a persistent digital security problem.

Attackers regularly repeat targets and carry out large-scale disruptive attacks. Just last week, thousands of schools around the U.S. were paralyzed amid finals and other year-end activities when the education technology firm Instructure shut down access to its Canvas platform following a breach perpetrated by extortion actors.

Key Facts

8 TB
data volume Nitrogen claims stolen from Foxconn
Nitrogen group
emerged in 2023, listed Foxconn on breach site Monday
Foxconn
acknowledged cyberattack on North American factories
Apple, Dell, Google, Nvidia
customer project details reportedly in stolen data
Conti 2 code
basis for Nitrogen ransomware with decryption flaw
cybersecurityransomwaremanufacturingsupply-chain

Story Timeline

5 events
  1. 2026-05-12

    Nitrogen group lists Foxconn on its breach site claiming 8 TB data theft.

    1 sourceWired
  2. Recent days

    Foxconn North American factories suffer cyberattack and begin resuming production.

    1 sourceWired
  3. 2024

    LockBit attacked Foxconn subsidiary Foxsemicon Integrated Technology.

    1 sourceWired
  4. May 2022

    LockBit ransomware hit a Foxconn facility in Mexico disrupting production.

    1 sourceWired
  5. December 2020

    DoppelPaymer ransomware attacked Foxconn Mexican facility demanding 1,804 Bitcoin.

    1 sourceWired

Potential Impact

  1. 01

    Potential exposure of intellectual property belonging to Apple, Dell, Google and Nvidia.

  2. 02

    Nitrogen may publish the claimed 8 TB of data if Foxconn does not pay.

  3. 03

    The incident adds to Foxconn's history of multiple ransomware attacks since 2020.

Transparency Panel

Sources cross-referenced2
Confidence score75%
Synthesized bySubstrate AI
Word count341 words
PublishedMay 12, 2026, 9:52 PM
Bias signals removed5 across 2 outlets
Signal Breakdown
Editorializing 2Framing 1Amplifying 1Loaded 1
Original Sources
WiredFoxconn Ransomware Attack Shows Nothing Is Safe Foreveritsecuritynews.infoFoxconn Ransomware Attack Shows Nothing Is Safe Forevervia search

Related Stories

World Urban Forum 2026 Draws 57,000 Participants from 176 CountriesEuronews
technology4 hrs agoDeveloping

World Urban Forum 2026 Draws 57,000 Participants from 176 Countries

The 13th World Urban Forum concluded with discussions on housing, climate resilience and urban governance. Organisers reported that the sessions informed future strategic priorities.

Euronews
1 source
Trump Mobile website still lists T1 phone as American-madetheverge.com
technology4 hrs agoDeveloping

Trump Mobile website still lists T1 phone as American-made

The product page for the T1 phone continues to describe the device as American-made. The Verge reported that the site may conflict with FTC advertising rules. The phone was announced in June 2025.

The Verge
1 source
EU Discusses Readiness for Artificial Intelligence ChangesFrance 24
ai4 hrs agoDeveloping

EU Discusses Readiness for Artificial Intelligence Changes

A France 24 program examined whether European Union policies can address the effects of artificial intelligence. The discussion covered potential impacts across daily life and economic sectors.

France 24
1 source