Last month, Luxshare, an Apple supplier in China, was targeted by a cyberattack. The aftermath of the major attack revealed that confidential data amounting to over 1TB was stolen from Apple. Last december, an Apple assembler was attacked as well, where sensitive information on the production line may have been compromised.
The dark web leak site of RansomHub claimed that the group has the internal LuxShare systems encrypted and has stolen a large volume of Apple’s confidential data on both customers and the company. The group threatened to release the information to the public if LuxShare did not contact them for negotiations.
The data that was exfiltrated contains important files like high-precision geometric files, designs for mechanical components, manufacturing drawings in 2D, PDFs for internal engineering, layouts for circuit boards, and more. Gaining access to such information could have its risks if misused, resulting in the manufacture of counterfeit products, reverse engineering them, and being susceptible to attacks because attackers know the interaction of components and layouts of the products.
