Foxconn ransomware attack on Mexico facility over Thanksgiving weekend, where intruders stole unencrypted archives before encrypting Appliances. Foxconn is the largest electronics company in the world, currently employing over 800.000 employees worldwide, while in 2019 its revenues reached 172 billion dollars.
His gang DoppelPaymer ransomware posted yesterday on ransomware data leak site files belonging to the electronics giant. between the data leaked business documents and reports are included, however no financial information or personal information of company employees appears to be included.
According to BleepingComputer, cybersecurity sources confirmed that Foxconn was ransomware attacked around November 29, 2020, at the Foxconn CTBG MX facility located in Ciudad Juárez, Mexico. This facility opened in 2005 and is used by Foxconn to assemble and ship electronic equipment to all parts of South and North America. After the ransomware attack, the website of the facility was shut down and shows visitors that there is a temporary error.
Sources have also released a ransom note, which includes a link to Foxconn on a DoppelPaymer Tor payment site, where hackers of the gang demand ransom amounting to 1804.0955 BTC, or approximately $ 34.686.000.
The DoppelPaymer ransomware gang confirmed that it attacked Foxconn's North American facility on November 29, but said it did not attack the entire company. In addition, the hackers claim that during the ransomware attack they encrypted about 1.200 servers, stole 100 GB of unencrypted files and also deleted 20-30 TB of backups.
The list of registered victims of the DoppelPaymer ransomware gang includes Compal, PEMEX (Petróleos Mexicanos), the city of Torrance in California, the University of Newcastle, County Hall in Georgia, the Banijay Group SAS and Bretagne Télécom.