Apple, Luxshare and Geely: Apple, Nvidia, and Tesla confidential files allegedly exposed in supplier breach

Luxshare Hit by RansomHub Ransomware Attack, Threatening Apple, Nvidia, and LG Data Leaks

Luxshare, a major Apple supplier responsible for assembling iPhones, AirPods, Apple Watches, and Vision Pro devices, has allegedly fallen victim to a ransomware attack by the cybercriminal group RansomHub. The attackers claim to have stolen sensitive data, including confidential project details, product designs, and personal information of employees, threatening to leak it unless a ransom is paid.

The breach, which reportedly occurred in December 2023, includes data spanning 2019 to 2025, such as 3D CAD models, circuit board designs, repair processes, and shipping timelines for Apple and other Luxshare clients. The attackers also allege access to engineering documentation from Nvidia, LG, Tesla, and Geely, raising concerns about corporate espionage and supply chain risks.

RansomHub, a ransomware-as-a-service (RaaS) operation, has been highly active in 2024, targeting nearly 500 victims at a rate of nearly one per day. The group employs remote encryption tools and exploits unprotected systems to evade detection. If confirmed, the breach could allow competitors to reverse-engineer products, manufacture counterfeits, or exploit hardware vulnerabilities in Apple devices.

Luxshare, a Shenzhen-based electronics giant with over 230,000 employees and $37 billion in revenue, plays a critical role in Apple’s supply chain. The leaked data also includes personal identifiable information (PII) of employees, such as names, job titles, and work emails.

As of now, Luxshare, Apple, and Nvidia have not publicly confirmed the breach, though Cybernews researchers believe the leaked samples appear legitimate. The incident underscores the growing threat of supply chain attacks and the potential for ransomware groups to disrupt major tech manufacturers.

Source: https://cybernews.com/security/luxshare-apple-iphone-assembler-breach/

Apple TPRM report: https://www.rankiteo.com/company/apple

Luxshare TPRM report: https://www.rankiteo.com/company/luxshare-precision-industry-co-ltd-

Geely TPRM report: https://www.rankiteo.com/company/geely

"id": "appluxgee1768835808",
"linkid": "apple, luxshare-precision-industry-co-ltd-, geely",
"type": "Cyber Attack",
"date": "6/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Apple, Nvidia, LG, Tesla, Geely',
                        'industry': 'Electronics, Technology Hardware',
                        'location': 'Shenzhen, China',
                        'name': 'Luxshare',
                        'size': '230,000+ employees, $37 billion revenue',
                        'type': 'Supplier/Manufacturer'}],
 'attack_vector': 'Unprotected systems, remote encryption tools',
 'data_breach': {'data_encryption': 'Yes (ransomware encryption)',
                 'data_exfiltration': 'Yes',
                 'file_types_exposed': ['CAD files',
                                        'Engineering documents',
                                        'PII records'],
                 'personally_identifiable_information': 'Yes (employee names, '
                                                        'job titles, work '
                                                        'emails)',
                 'sensitivity_of_data': 'High (confidential, proprietary, and '
                                        'personally identifiable information)',
                 'type_of_data_compromised': ['3D CAD models',
                                              'Circuit board designs',
                                              'Repair processes',
                                              'Shipping timelines',
                                              'Engineering documentation',
                                              'Employee PII (names, job '
                                              'titles, work emails)']},
 'date_detected': '2023-12',
 'description': 'Luxshare, a major Apple supplier responsible for assembling '
                'iPhones, AirPods, Apple Watches, and Vision Pro devices, has '
                'allegedly fallen victim to a ransomware attack by the '
                'cybercriminal group RansomHub. The attackers claim to have '
                'stolen sensitive data, including confidential project '
                'details, product designs, and personal information of '
                'employees, threatening to leak it unless a ransom is paid.',
 'impact': {'brand_reputation_impact': 'High',
            'data_compromised': 'Confidential project details, product '
                                'designs, employee PII, 3D CAD models, circuit '
                                'board designs, repair processes, shipping '
                                'timelines, engineering documentation',
            'identity_theft_risk': 'High (employee PII exposed)',
            'operational_impact': 'Potential supply chain disruption, '
                                  'reverse-engineering risks, counterfeit '
                                  'manufacturing'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain, corporate espionage',
 'ransomware': {'data_encryption': 'Yes',
                'data_exfiltration': 'Yes',
                'ransomware_strain': 'RansomHub'},
 'references': [{'source': 'Cybernews'}],
 'threat_actor': 'RansomHub',
 'title': 'Luxshare Hit by RansomHub Ransomware Attack, Threatening Apple, '
          'Nvidia, and LG Data Leaks',
 'type': 'Ransomware'}

Apple, Luxshare and Geely: Apple, Nvidia, and Tesla confidential files allegedly exposed in supplier breach

Trivy and European Commission: European Commission breach exposed data of 30 EU entities, CERT-EU says

Hong Kong Hospital Authority: Probe launched after Hospital Authority data breach involving 56,000 patients

Brokk: Brokk purportedly hacked by Play ransomware, data leaked