Foxconn claimed data leak by Nitrogen ransomware group
Data Leak
Summary
Hide ▲
Show ▼
The Nitrogen ransomware group claimed a Foxconn data leak involving 8TB and more than 11 million files, raising the risk that confidential manufacturing material tied to major tech customers was exposed. The claim was supported with published screenshots and follows Foxconn’s confirmation of a related cyberattack affecting some North American factories.
Related Happenings
Manufacturing companies face a 2026 ransomware targeting surge
Target Trend
First: 14.05.2026 15:00
Last: 14.05.2026 15:00
Sources 1
How related:
Data that Comparitech has compiled show as many as 600 ransomware attacks on manufacturing companies so far this year, with 55 of those victims confirming the incidents.
About this happening:
**Manufacturing companies** are facing a **2026 ransomware targeting surge**, with aggregated counts reaching **600 attacks** and **55 confirmed victims**, signaling sustained pre...
Manufacturing companies face a 2026 ransomware targeting surge
Target TrendHow related: Data that Comparitech has compiled show as many as 600 ransomware attacks on manufacturing companies so far this year, with 55 of those victims confirming the incidents.
About this happening: **Manufacturing companies** are facing a **2026 ransomware targeting surge**, with aggregated counts reaching **600 attacks** and **55 confirmed victims**, signaling sustained pre...
Foxconn hit by ransomware attack
Incident
First: 13.05.2026 15:49
Last: 13.05.2026 15:49
Sources 1
How related:
Taiwanese electronics manufacturing giant Foxconn has confirmed that some of its North American factories have been hit by a cyberattack.
About this happening:
**Foxconn** confirmed that **some North American factories** suffered a **cyberattack**, disrupting manufacturing operations and forcing a recovery effort to keep production and d...
Foxconn hit by ransomware attack
IncidentHow related: Taiwanese electronics manufacturing giant Foxconn has confirmed that some of its North American factories have been hit by a cyberattack.
About this happening: **Foxconn** confirmed that **some North American factories** suffered a **cyberattack**, disrupting manufacturing operations and forcing a recovery effort to keep production and d...
Unnamed organization stolen data published on DLS
Data Leak
First: 06.05.2026 16:00
Last: 06.05.2026 16:00
Sources 1
About this happening:
**Stolen data** from an **unnamed organization** was later posted on a **data leak site (DLS)**, confirming exposure and increasing extortion pressure. The publication followed an...
Unnamed organization stolen data published on DLS
Data LeakAbout this happening: **Stolen data** from an **unnamed organization** was later posted on a **data leak site (DLS)**, confirming exposure and increasing extortion pressure. The publication followed an...
Akira group rapid double-extortion ransomware activity
Malware Activity
First: 02.04.2026 16:00
Last: 02.04.2026 16:00
Sources 1
About this happening:
**Akira** ransomware activity now includes **AdaptixC2** abuse in active intrusions, alongside the group’s **under-one-hour** to **under-four-hours** attack cadence. A **Silent Pu...
Akira group rapid double-extortion ransomware activity
Malware ActivityAbout this happening: **Akira** ransomware activity now includes **AdaptixC2** abuse in active intrusions, alongside the group’s **under-one-hour** to **under-four-hours** attack cadence. A **Silent Pu...
Pay2Key ransomware activity with enhanced evasion and anti-forensics
Malware Activity
First: 26.03.2026 12:45
Last: 26.03.2026 12:45
Sources 1
About this happening:
**Pay2Key** has re-emerged as a **ransomware** threat with enhanced **evasion, execution and anti-forensics** capabilities, increasing the difficulty of detection and response. Th...
Pay2Key ransomware activity with enhanced evasion and anti-forensics
Malware ActivityAbout this happening: **Pay2Key** has re-emerged as a **ransomware** threat with enhanced **evasion, execution and anti-forensics** capabilities, increasing the difficulty of detection and response. Th...
Latest development: 31.03.2026 16:31
Iran has revived Pay2Key by recruiting affiliates from Russian cybercriminal forums and positioning the ransomware operation as a punitive arm of the Iranian state against high-impact US targets. KELA says the activity blends ransomware, pseudo-ransomware, and destructive wiper-like behavior, and that Iran-backed APT Agrius is also using Apostle malware, retrofitted from a data wiper into a ransomware variant, to obscure geopolitical motives.
Timeline
-
13.05.2026 20:13 2 articles · 14d ago
Foxconn claimed data leak by Nitrogen ransomware group
Initial DisclosureThe leak thread began when **Nitrogen** put **Foxconn** on its **Tor-based leak website** and claimed theft of **8TB** of data on **March 12**. **Screenshots** were then published to support the allegation.
Show sources
- Foxconn Confirms North American Factories Hit by Cyberattack — www.securityweek.com — 13.05.2026 20:13
- Foxconn Attack Highlights Manufacturing's Cyber Crisis — www.darkreading.com — 14.05.2026 15:00