• Home
  • cyber
  • Luxshare and Nvidia: Major data breach could expose Apple secrets
cyber Ransomware

Luxshare and Nvidia: Major data breach could expose Apple secrets

Jun 16, 2019 2 min read
Luxshare and Nvidia: Major data breach could expose Apple secrets

RansomHub Breach Exposes 1TB of Apple and Tech Giants’ Confidential Data

In December 2024, Luxshare a key Apple manufacturing partner based in Shenzhen, China suffered a major ransomware attack by the cybercriminal group RansomHub, resulting in the theft of over 1TB of sensitive data. The breach, disclosed on a dark web forum on December 15, 2024, allegedly includes confidential files from Apple, Nvidia, Tesla, LG, and other tech companies, with attackers threatening to leak the data unless an undisclosed ransom is paid.

The stolen material spans projects from 2019 to 2025 and includes highly sensitive engineering documents, such as 3D CAD models, circuit board layouts, mechanical component designs, and internal repair procedures. The leak also contains personally identifiable information (PII) of employees involved in Apple projects, including names, job titles, and work email addresses.

Security experts warn that the exposed data could enable reverse engineering of Apple products, facilitate counterfeit manufacturing, and reveal hardware vulnerabilities for future exploits. Access to detailed circuit board specifications may also aid in developing firmware attacks or supply chain compromises, while the leaked employee data increases the risk of targeted phishing campaigns.

Luxshare, which employs over 230,000 workers and generates $37 billion in annual revenue, plays a critical role in Apple’s supply chain, assembling iPhones, AirPods, Apple Watches, and Vision Pro headsets. The company’s prominence grew after production disruptions at Foxconn, Apple’s primary assembler.

RansomHub, first identified in 2024, has rapidly become one of the most active ransomware groups, targeting industrial manufacturing and healthcare sectors. The group emerged following the shutdown of ALPHV (BlackCat) and, according to a CISA advisory, breached nearly 500 victims in 2024 alone.

Neither Apple nor Luxshare has confirmed the breach or responded to the attackers’ claims.

Source: https://www.cultofmac.com/news/luxshare-data-breach

LUXSHARE-ICT CO., LTD. cybersecurity rating report: https://www.rankiteo.com/company/luxshare-ict-co

NVIDIA cybersecurity rating report: https://www.rankiteo.com/company/nvidia

"id": "LUXNVI1769024063",
"linkid": "luxshare-ict-co, nvidia",
"type": "Ransomware",
"date": "6/2019",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 'Apple, Nvidia, Tesla, LG, and '
                                              'other tech companies',
                        'industry': 'Electronics/Technology',
                        'location': 'Shenzhen, China',
                        'name': 'Luxshare',
                        'size': '230,000 employees, $37 billion annual revenue',
                        'type': 'Manufacturing'}],
 'data_breach': {'data_exfiltration': 'Yes',
                 'file_types_exposed': ['CAD files',
                                        'Documents',
                                        'PII records'],
                 'personally_identifiable_information': 'Names, job titles, '
                                                        'work email addresses',
                 'sensitivity_of_data': 'High (confidential and proprietary)',
                 'type_of_data_compromised': ['Engineering documents',
                                              '3D CAD models',
                                              'Circuit board layouts',
                                              'Mechanical component designs',
                                              'Internal repair procedures',
                                              'Personally identifiable '
                                              'information (PII)']},
 'date_detected': '2024-12',
 'date_publicly_disclosed': '2024-12-15',
 'description': 'In December 2024, Luxshare, a key Apple manufacturing partner '
                'based in Shenzhen, China, suffered a major ransomware attack '
                'by the cybercriminal group RansomHub, resulting in the theft '
                'of over 1TB of sensitive data. The breach, disclosed on a '
                'dark web forum on December 15, 2024, allegedly includes '
                'confidential files from Apple, Nvidia, Tesla, LG, and other '
                'tech companies, with attackers threatening to leak the data '
                'unless an undisclosed ransom is paid.',
 'impact': {'brand_reputation_impact': 'High (for Luxshare, Apple, and other '
                                       'affected tech companies)',
            'data_compromised': '1TB of sensitive data',
            'identity_theft_risk': 'High (due to exposed PII of employees)',
            'operational_impact': 'Potential supply chain disruptions, reverse '
                                  'engineering risks, and counterfeit '
                                  'manufacturing'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain',
 'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'RansomHub'},
 'references': [{'date_accessed': '2024-12-15', 'source': 'Dark web forum'}],
 'threat_actor': 'RansomHub',
 'title': 'RansomHub Breach Exposes 1TB of Apple and Tech Giants’ Confidential '
          'Data',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.