Luxshare Hit by Alleged Ransomware Attack, Exposing Sensitive Data from Apple, Nvidia, and Others
In December, Luxshare Precision Industry a major Chinese electronics manufacturer and key Apple supplier was reportedly targeted in a ransomware attack. The threat actors, operating under the RansomHouse group, claim to have encrypted company systems and exfiltrated sensitive data tied to multiple high-profile customers.
As proof, the attackers leaked samples of stolen R&D data, including internal documentation, employee records, and product design files spanning 2019 to 2025. The compromised materials appear to cover Apple-Luxshare manufacturing workflows, as well as proprietary engineering data linked to Nvidia, LG, Geely, Tesla, and other global tech firms. Among the stolen files are 3D CAD models, high-precision geometric data, 2D component drawings, PCB designs, and confidential engineering schematics all protected under non-disclosure agreements.
The attackers publicly urged Luxshare to engage with them, warning that failure to do so would result in further leaks of confidential projects. Neither Luxshare nor Apple has officially confirmed the breach, though cybersecurity analysts suggest the leaked evidence appears legitimate.
Security experts warn that if verified, the incident represents a significant intellectual property breach with far-reaching consequences. Damon Small of Xcape Inc. noted that the theft of CAD designs, circuit board layouts, and product files could enable industrial espionage or counterfeit operations, extending risks beyond financial motives. The attack highlights vulnerabilities in the hardware supply chain, where a single breach at a major supplier can expose the trade secrets of multiple multinational corporations.
The incident underscores the growing trend of ransomware groups targeting upstream suppliers to maximize data theft across interconnected industries. As manufacturing partners handle increasingly sensitive design files, their cybersecurity resilience becomes critical to protecting the competitive edge of global tech ecosystems.
Source: https://informationsecuritybuzz.com/apple-supplier-luxshare-allegedly-hit-by-ransomware/
Geely TPRM report: https://www.rankiteo.com/company/geely
Nvidia TPRM report: https://www.rankiteo.com/company/nvidia
Luxshare Precision Industry TPRM report: https://www.rankiteo.com/company/luxshare-precision-industry-co-ltd-
"id": "geenvilux1769153015",
"linkid": "geely, nvidia, luxshare-precision-industry-co-ltd-",
"type": "Cyber Attack",
"date": "6/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': ['Apple',
'Nvidia',
'LG',
'Geely',
'Tesla'],
'industry': 'Technology/Manufacturing',
'location': 'China',
'name': 'Luxshare Precision Industry',
'type': 'Electronics Manufacturer'}],
'data_breach': {'data_encryption': True,
'data_exfiltration': True,
'file_types_exposed': ['3D CAD models',
'2D component drawings',
'PCB designs',
'Engineering schematics'],
'personally_identifiable_information': 'Employee records',
'sensitivity_of_data': 'High (proprietary engineering data, '
'CAD models, PCB designs, confidential '
'schematics)',
'type_of_data_compromised': ['R&D data',
'Internal documentation',
'Employee records',
'Product design files']},
'date_detected': '2023-12',
'description': 'In December, Luxshare Precision Industry, a major Chinese '
'electronics manufacturer and key Apple supplier, was '
'reportedly targeted in a ransomware attack. The threat '
'actors, operating under the RansomHouse group, claim to have '
'encrypted company systems and exfiltrated sensitive data tied '
'to multiple high-profile customers. The attackers leaked '
'samples of stolen R&D data, including internal documentation, '
'employee records, and product design files spanning 2019 to '
'2025. The compromised materials cover Apple-Luxshare '
'manufacturing workflows, as well as proprietary engineering '
'data linked to Nvidia, LG, Geely, Tesla, and other global '
'tech firms.',
'impact': {'brand_reputation_impact': 'Significant',
'data_compromised': 'Sensitive R&D data, internal documentation, '
'employee records, product design files '
'(2019-2025)'},
'lessons_learned': 'The incident highlights vulnerabilities in the hardware '
'supply chain, where a single breach at a major supplier '
'can expose the trade secrets of multiple multinational '
'corporations. It underscores the growing trend of '
'ransomware groups targeting upstream suppliers to '
'maximize data theft across interconnected industries.',
'motivation': ['Data exfiltration', 'Financial gain', 'Industrial espionage'],
'ransomware': {'data_encryption': True, 'data_exfiltration': True},
'references': [{'source': 'Cybersecurity analysts and media reports'}],
'threat_actor': 'RansomHouse',
'title': 'Luxshare Hit by Alleged Ransomware Attack, Exposing Sensitive Data '
'from Apple, Nvidia, and Others',
'type': 'Ransomware'}