Electronics manufacturing giant Hon Hai Precision Industry, better known as Foxconn, suffered a ransomware attack that disrupted its production facilities in Mexico. The cyberattack affected 1,200 company servers, resulting in the theft of 100 gigabytes of files and the deletion of 20-30 terabytes of backup data.
Foxconn is a Taiwanese multinational electronics producer based in New Taipei City, Taiwan, with over 800,000 employees worldwide. It opened its Mexican plant in Chihuahua in 2005, which serves as a facility for assembling and shipping electronics equipment to North and South America.
BleepingComputer first reported the incident, saying the attack took place over Thanksgiving weekend and that the DoppelPaymer gang was behind it. The threat actors confirmed their involvement in an interview, adding that they did not target the whole company.
“We encrypted NA segment, not whole Foxconn, it’s about 1200-1400 servers, and not focused on workstations,” the cybercrime group told BleepingComputer. “They also had about 75TB’s of misc backups, what we were able to – we destroyed (approx 20-30TB).”
Foxconn Refuses Hackers’ Demands
DoppelPaymer left a ransom note behind, demanding over $32 million in bitcoins in exchange for the decryption key. Group members also promised not to publish the stolen data online if Foxconn met their demands. However, the company refused to pay, resulting in the leak of some of its data over the dark web.
Appgate security researcher Gustavo Palazolo confirmed that his team saw Foxconn-related information on DoppelPaymer’s darknet website.
Meanwhile, Foxconn stated it is working with “technical experts and law enforcement agencies” to investigate the incident and its repercussions, identify the culprits, and bring them to justice. The company gradually restored services at the impacted Mexican facility, though the website remains offline. The plant manufactures brands like Sharp and Belkin, both Foxconn subsidiaries.
Cyber threats like ransomware attacks have significantly risen this year, claiming victims left, right, and center. Therefore, using antivirus programs and virtual private networks (among other tools) is crucial. But only the best VPNs offer military-grade encryption, a zero-logs policy, and access to any Netflix library, Disney+, Hulu, and BBC iPlayer.