Luxshare Precision Industry, a major Chinese electronics manufacturer and key Apple supplier, is alleged to have been hit by a ransomware attack in December.
Bad actors are claiming they encrypted company systems and exfiltrated sensitive data linked to multiple customers.
R&D data samples were leaked as proof by RansomHouse.
They said: “Dear management of Luxshare Precision Industy Co. Ltd. We were waiting for you for quite some time, but it seems your IT department decided to conceal the incident that took place in your company. We strongly recommend you to contact us to prevent your confidential data, projects documents from being leaked.”
The dark web post claims stolen details include internal documentation, and limited employee data, and product design files from 2019 to 2025. The files seem to relate directly to Apple-Luxshare manufacturing workflows, along with information connected to other global technology firms.
Purloined documents also include proprietary engineering information, including 3D CAD solid models, high-precision geometric data for Parasolid products, 2D CAD drawings, 2D component drawings for manufacturing, gerber files, confidential engineering drawings, printed circuit board design data, and more.
“The archives contain data from Apple, Nvidia, as well as LG, Geely, Tesla, and other large companies whose production and R&D information is publicly available. Protected by non-disclosure agreement,” the attackers added.
Neither Luxshare nor Apple have publicly confirmed the incident, but the Cybernews team believes that the information included in the post appears legitimate.
Damon Small, Board of Directors, Xcape Inc, says: “If confirmed, the alleged theft of CAD designs, circuit board layouts, and product files dating back to 2019 represents a huge intellectual property breach impacting companies like Apple, Nvidia, and LG. This incident underscores the aggregation of risk in the hardware industry, where a single security breach at a major supplier can expose the confidential information of numerous multi-billion-dollar clients. This breach demonstrates that a tech giant’s security is only as strong as its manufacturing partners.”
Small adds that the compromised engineering workflows and future product designs indicate that this attack goes beyond financial gain and opens the door to industrial espionage and counterfeit operations. “This situation serves as a critical reminder that “zero trust” security must extend beyond the cloud, encompassing how design files are stored, accessed, and shared among contract manufacturers and their subcontractors.”
He says strong data-centric access controls, strict vendor security baselines, and ongoing verification of who can touch what, where, and when are all crucial safeguards for high-value engineering artifacts.
“These upstream targets are increasing in popularity among ransomware groups because of the vast amounts of data stolen from multiple companies. Supplier cyber resilience is now essential for multinational manufacturers and their clients. When the blueprints for the world’s most advanced technologies are held for ransom in a supplier’s basement, the blast radius doesn’t stop at the factory floor; it triggers a seismic shift that compromises the intellectual property and competitive edge of the entire global ecosystem.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.