RansomHub Claims Theft of Sensitive Data from Luxshare, Impacting Apple, Nvidia, and Other Tech Giants
The RansomHub ransomware-as-a-service operation has alleged a breach of Luxshare, a key Chinese manufacturer supplying components for Apple, Nvidia, Tesla, LG, and other major tech firms. According to a post on RansomHub’s leak site, the attack occurred on December 15, resulting in the theft of highly sensitive data.
The stolen archives reportedly include 3D CAD product models, engineering documentation, Parasolid files, 2D CAD drawings, mechanical and electrical design data, PCB manufacturing files, and confidential repair and shipping project details linked to Apple and Luxshare. A sample analysis revealed personally identifiable information (PII) of individuals involved in projects spanning 2019 to 2025.
While Luxshare has not confirmed the breach, the exposed data could enable counterfeit manufacturing and uncover supply chain vulnerabilities, potentially leading to further cyber intrusions. The incident underscores the risks of third-party supplier breaches in global tech supply chains.
Source: https://www.scworld.com/brief/tech-giants-data-exposed-in-ransomhub-claimed-luxshare-hack
Nvidia TPRM report: https://www.rankiteo.com/company/nvidia
Luxshare TPRM report: https://www.rankiteo.com/company/luxshare-precision-industry-co-ltd-
"id": "nvilux1768977485",
"linkid": "nvidia, luxshare-precision-industry-co-ltd-",
"type": "Cyber Attack",
"date": "6/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Apple, Nvidia, Tesla, LG, and '
'other major tech firms',
'industry': 'Technology/Manufacturing',
'location': 'China',
'name': 'Luxshare',
'type': 'Manufacturer'}],
'data_breach': {'data_exfiltration': 'Yes',
'file_types_exposed': ['CAD files',
'Parasolid files',
'Engineering documents'],
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['3D CAD product models',
'Engineering documentation',
'Parasolid files',
'2D CAD drawings',
'Mechanical and electrical '
'design data',
'PCB manufacturing files',
'Confidential repair and '
'shipping project details',
'PII']},
'date_detected': '2023-12-15',
'description': 'The RansomHub ransomware-as-a-service operation has alleged a '
'breach of Luxshare, a key Chinese manufacturer supplying '
'components for Apple, Nvidia, Tesla, LG, and other major tech '
'firms. The attack resulted in the theft of highly sensitive '
'data, including 3D CAD product models, engineering '
'documentation, Parasolid files, 2D CAD drawings, mechanical '
'and electrical design data, PCB manufacturing files, and '
'confidential repair and shipping project details linked to '
'Apple and Luxshare. The exposed data also includes personally '
'identifiable information (PII) of individuals involved in '
'projects spanning 2019 to 2025.',
'impact': {'brand_reputation_impact': 'High',
'data_compromised': '3D CAD product models, engineering '
'documentation, Parasolid files, 2D CAD '
'drawings, mechanical and electrical design '
'data, PCB manufacturing files, confidential '
'repair and shipping project details, PII',
'identity_theft_risk': 'High',
'operational_impact': 'Potential counterfeit manufacturing, supply '
'chain vulnerabilities'},
'lessons_learned': 'The incident underscores the risks of third-party '
'supplier breaches in global tech supply chains.',
'motivation': 'Financial gain, Data exfiltration',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'RansomHub'},
'references': [{'source': 'RansomHub leak site'}],
'threat_actor': 'RansomHub',
'title': 'RansomHub Claims Theft of Sensitive Data from Luxshare',
'type': 'Ransomware'}