Foxconn confirms North American cyberattack as Nitrogen gang claims 8TB haul

Foxconn has confirmed that intruders breached its North American operations, after the Nitrogen ransomware group named the world's largest contract electronics manufacturer on its leak site and claimed to have exfiltrated about 8 terabytes of data spanning more than 11 million files.

The Taiwanese giant is a critical supplier for Apple, Nvidia, Google, Intel, and Dell, and the gang says the stolen material includes internal project documentation, manufacturing instructions, and technical drawings tied to work for those customers. Foxconn has not validated the contents but said its security team activated incident response and moved to keep production lines running.

How the attack played out

Workers at Foxconn's Mount Pleasant, Wisconsin plant reported Wi-Fi outages before computers stopped working, forcing staff to fall back on paper and pen for some tasks. A facility in Houston, Texas was also affected. The company said normal output has since resumed at the impacted sites.

Nitrogen has been active since 2023 and is widely believed to be built on code leaked from the Conti 2 builder, putting it in the lineage of some of the most prolific extortion crews of the past several years. Researchers at Coveware reported earlier this year that the group's decryptor contains a bug that can leave files unrecoverable even after a ransom is paid, a detail that complicates negotiation calculus for any victim.

Why the supply chain matters

The incident is significant less for the immediate factory downtime and more for the second-order exposure. If even a fraction of the claimed documents are genuine, partners across consumer electronics could find sensitive design and process information on a leak site, with downstream risks for unreleased products and component sourcing.