A key part of Foxconn has been hit by the Lockbit ransomware

“All your personal data will be freely available on the Internet if Foxsemicon not pays [sic] money.”

Recovering from the attack

The attackers also posted a message for Foxsemicon’s employees: “If your management does not contact us, you will lose your job, as we are able to completely destroy Foxsemicon with no possibility of recovery,” the message allegedly read.

The attackers claim to have stolen 5 terabytes of company data. 

Soon after the attack, Foxsemicon submitted a statement to the Taiwan Stock Exchange, Taipei Times further reported, stating that its websites were recovered and that it engaged security experts to contain the incident. We tried opening Foxsemicon’s English website and it seems to be operational, however opening the site triggered a message from the antivirus program installed on the computer that the site could be risky.

The attack doesn’t seem to have affected Foxsemicon’s operations greatly, the company stressed. It did not share additional details about the attackers. However, the media are saying that it was Lockbit operators who targeted the company. Lockbit was first observed in 2020, operating on a ransomware-as-a-service model. 

Since its emergence four years ago, Lockbit was upgraded to version 3.0, and used by numerous threat actors. It has grown into one of the largest and most infamous ransomware operators in existence. Some of its victims include Managed Care of North America, Boeing, Capital Health, and many others. Lockbit’s operators usually target firms in the U.S., Asia, Europe, and Africa.

TechRadar Pro has contacted Foxconn for comment.

More from TechRadar Pro

• LockBit ransomware hits another US healthcare firm, threatens to leak customer data
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now