**Foxconn**, a global electronics manufacturing giant with over 900,000 employees and a revenue exceeding $260 billion in 2025, has acknowledged a recent cyberattack targeting some of its North American factories. The incident was triggered by claims made by the **Nitrogen** ransomware operation, which asserted it had exfiltrated 8 TB of data and over 11 million documents. **Impact and Response** "Some of Foxconn's factories in North America suffered a cyberattack," a **Foxconn** spokesperson confirmed to BleepingComputer. "The cybersecurity team immediately activated the response mechanism and implemented multiple operational measures to ensure the continuity of production and delivery. The affected factories are currently resuming normal production." **Nitrogen's Claims** According to **Nitrogen**, the stolen data includes confidential instructions, projects, and drawings belonging to major **Foxconn** clients, including **Apple**, **Intel**, **Google**, **Nvidia**, and **AMD**.  *Foxconn entry on Nitrogen leak site (BleepingComputer)* **Nitrogen Ransomware: A Brief History** The **Nitrogen** ransomware operation emerged in 2023, initially deploying the **BlackCat/ALPHV** ransomware via a malware loader of the same name. The group later developed its own ransomware strain leveraging leaked **Conti 2** builder code. However, a coding flaw in the ESXi malware variant reportedly corrupts encrypted files due to the use of an incorrect public key, according to **Coveware** researchers. While not the most prolific ransomware operation, **Nitrogen** has been gradually adding victims to its leak site since 2024. **Foxconn: A Recurring Target** This is not the first time **Foxconn** has been targeted by ransomware. In January 2024, the **LockBit** ransomware gang claimed responsibility for an attack on **Foxconn** subsidiary **Foxsemicon**. Additionally, a **Foxconn** production plant in Tijuana, Mexico, was hit by ransomware in May 2022. In December 2020, the **DoppelPaymer** ransomware operation targeted **Foxconn's** CTBG MX facility in Ciudad Juárez, demanding a $34 million ransom after allegedly stealing 100GB of data, encrypting up to 1,400 servers, and destroying 20 to 30TB of backup data.  ## 99% of What Mythos Found Is Still Unpatched. AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming. At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what's exploitable, proves controls hold, and closes the remediation loop. [Claim Your Spot](https://hubs.li/Q04crVgD0)