Foxconn has suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices.
The DoppelPaymer ransomware published files belonging to Foxconn NA on their ransomware data leak site. The leaked data includes generic business documents and reports but does not contain any financial information or employee's personal details. Sources in the cybersecurity industry have confirmed that Foxconn suffered an attack around November 29th, 2020, at their Foxconn CTBG MX facility located in Ciudad Juárez, Mexico.
This facility opened in 2005 and is used by Foxconn for assembly and shipping of electronics equipment to all regions in South and North America. Since the attack, the facility's web site has been down and currently shows an error to visitors.
Attackers demand $34 million ransom. Sources have also shared the ransom note created on Foxconn servers during the ransomware attack.
In an interview with DoppelPaymer, the ransomware gang confirmed that they attacked Foxconn's North America facility on November 29th but did not attack the whole company. As part of this attack, the threat actors claim to have encrypted about 1,200 servers, stole 100 GB of unencrypted files, and deleted 20-30 TB Of backups.
"We encrypted NA segment, not whole foxconn, it's about 1200-1400 servers, and not focused on workstations. They also had about 75TB's of misc backups, what we were able to - we destroyed (approx 20-30TB)," DoppelPayment said about the attack.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
