Luxshare Hit by Alleged Ransomware Attack, Exposing Sensitive Data from Apple, Nvidia, and Others In December, Luxshare Precision Industry a major Chinese electronics manufacturer and key Apple supplier was reportedly targeted in a ransomware attack. The threat actors, operating under the RansomHouse group, claim to have encrypted company systems and exfiltrated sensitive data tied to multiple high-profile customers. As proof, the attackers leaked samples of stolen R&D data, including internal documentation, employee records, and product design files spanning 2019 to 2025. The compromised materials appear to cover Apple-Luxshare manufacturing workflows, as well as proprietary engineering data linked to Nvidia, LG, Geely, Tesla, and other global tech firms. Among the stolen files are 3D CAD models, high-precision geometric data, 2D component drawings, PCB designs, and confidential engineering schematics all protected under non-disclosure agreements. The attackers publicly urged Luxshare to engage with them, warning that failure to do so would result in further leaks of confidential projects. Neither Luxshare nor Apple has officially confirmed the breach, though cybersecurity analysts suggest the leaked evidence appears legitimate. Security experts warn that if verified, the incident represents a significant intellectual property breach with far-reaching consequences. Damon Small of Xcape Inc. noted that the theft of CAD designs, circuit board layouts, and product files could enable industrial espionage or counterfeit operations, extending risks beyond financial motives. The attack highlights vulnerabilities in the hardware supply chain, where a single breach at a major supplier can expose the trade secrets of multiple multinational corporations. The incident underscores the growing trend of ransomware groups targeting upstream suppliers to maximize data theft across interconnected industries. As manufacturing partners handle increasingly sensitive design files, their cybersecurity resilience becomes critical to protecting the competitive edge of global tech ecosystems.

Luxshare Hit by RansomHub Ransomware Attack, Threatening Apple, Nvidia, and LG Data Leaks Luxshare, a major Apple supplier responsible for assembling iPhones, AirPods, Apple Watches, and Vision Pro devices, has allegedly fallen victim to a ransomware attack by the cybercriminal group RansomHub. The attackers claim to have stolen sensitive data, including confidential project details, product designs, and personal information of employees, threatening to leak it unless a ransom is paid. The breach, which reportedly occurred in December 2023, includes data spanning 2019 to 2025, such as 3D CAD models, circuit board designs, repair processes, and shipping timelines for Apple and other Luxshare clients. The attackers also allege access to engineering documentation from Nvidia, LG, Tesla, and Geely, raising concerns about corporate espionage and supply chain risks. RansomHub, a ransomware-as-a-service (RaaS) operation, has been highly active in 2024, targeting nearly 500 victims at a rate of nearly one per day. The group employs remote encryption tools and exploits unprotected systems to evade detection. If confirmed, the breach could allow competitors to reverse-engineer products, manufacture counterfeits, or exploit hardware vulnerabilities in Apple devices. Luxshare, a Shenzhen-based electronics giant with over 230,000 employees and $37 billion in revenue, plays a critical role in Apple’s supply chain. The leaked data also includes personal identifiable information (PII) of employees, such as names, job titles, and work emails. As of now, Luxshare, Apple, and Nvidia have not publicly confirmed the breach, though Cybernews researchers believe the leaked samples appear legitimate. The incident underscores the growing threat of supply chain attacks and the potential for ransomware groups to disrupt major tech manufacturers.

RansomHub Claims Theft of Sensitive Data from Luxshare, Impacting Apple, Nvidia, and Other Tech Giants The RansomHub ransomware-as-a-service operation has alleged a breach of Luxshare, a key Chinese manufacturer supplying components for Apple, Nvidia, Tesla, LG, and other major tech firms. According to a post on RansomHub’s leak site, the attack occurred on December 15, resulting in the theft of highly sensitive data. The stolen archives reportedly include 3D CAD product models, engineering documentation, Parasolid files, 2D CAD drawings, mechanical and electrical design data, PCB manufacturing files, and confidential repair and shipping project details linked to Apple and Luxshare. A sample analysis revealed personally identifiable information (PII) of individuals involved in projects spanning 2019 to 2025. While Luxshare has not confirmed the breach, the exposed data could enable counterfeit manufacturing and uncover supply chain vulnerabilities, potentially leading to further cyber intrusions. The incident underscores the risks of third-party supplier breaches in global tech supply chains.