New Delhi. Global electronics manufacturer Foxconn has confirmed a cyberattack affecting some of its manufacturing facilities in North America after a ransomware group known as “Nitrogen” claimed it had stolen nearly 8 terabytes of data from the company’s systems. Foxconn said it activated its cybersecurity emergency response mechanism after detecting the intrusion and has gradually restored operations at the affected facilities.
Ransomware Group Claims Theft of Sensitive Files
The ransomware group Nitrogen has claimed that it accessed and exfiltrated more than 11 million files from Foxconn’s systems. The group alleged that the stolen material included confidential documents linked to major technology companies such as Apple, Nvidia, Intel, Google and Dell.
Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference
According to the claims, the data includes project documentation, technical designs, internal engineering instructions and other sensitive files. Foxconn, however, has not confirmed whether any customer-specific data was compromised in the breach.
The company said multiple operational safeguards were deployed after the intrusion was detected to maintain production and delivery continuity. Foxconn stated that operations have now been gradually restored and that there has been no significant disruption to overall manufacturing output.
Supply Chain Risks Come Under Focus
Cybersecurity experts warned that the incident could carry wider implications because of Foxconn’s role as a major manufacturing partner for global technology companies. Any compromise of proprietary data or production systems could create risks across technology supply chains.
Reports suggest the Nitrogen ransomware group has been active since 2023 and is believed to have links to leaked Conti ransomware code. Security analysts said the group has evolved its methods and has targeted enterprise-level systems, including VMware ESXi environments.
Researchers have also noted that flaws in the group’s decryption mechanisms have sometimes made data recovery impossible even after ransom payments, weakening the value of negotiations for victims.
Forensic Probe Underway After Latest Breach
Foxconn has faced ransomware-related incidents before. In 2024, a LockBit-affiliated attack reportedly affected a semiconductor-related subsidiary within the Foxconn Technology Group. Earlier incidents in 2022 also involved other units of the company, pointing to repeated cyber threats against large manufacturing businesses.
Following the latest attack, cybersecurity teams and external investigators are examining the entry point of the breach and assessing whether it involved internal vulnerabilities or supply chain access exploitation.
The immediate focus remains on securing systems, preventing further intrusion and determining whether any sensitive information was exposed. Foxconn has said its affected factories have resumed normal operations, while forensic analysis continues to assess the full extent of the breach.
