Apple supplier Luxshare hacked, confidential data stolen in cyberattack

A major scandal has erupted in Apple's supply chain, stemming from a cyberattack on one of the company's key contractors. The victim of the breach was Chinese manufacturer Luxshare, a primary assembler of Apple devices. Investigators report that malicious actors may have stolen over one terabyte of confidential data, including materials related to unreleased products.

The hack first came to light in mid-December 2025 when the RansomHub group posted a message on its darknet site. The hackers claimed to have encrypted Luxshare's internal systems and exfiltrated a vast amount of information, threatening to release it if negotiations were refused. They alleged that company management attempted to conceal the incident and failed to make contact by the specified deadline.

Among the stolen files, according to the attackers, are 3D CAD models, precise engineering drawings, printed circuit board schematics, project documentation, and internal technical PDFs. Beyond Apple, the archives supposedly contain data from other major Luxshare clients, including Nvidia, LG, Tesla, and Geely. Some of these materials are protected by non-disclosure agreements.

Cybernews journalists reported analyzing fragments of published samples and finding documents resembling real internal Luxshare materials tied to Apple projects. These describe confidential repair procedures, logistics, and partner interactions. Some files are dated from 2019 to 2025, increasing the likelihood that details about yet-to-be-released devices have been compromised.

Experts warn that such data could be used for reverse engineering, counterfeit production, and targeted attacks on hardware and software. The leak of employee personal data also raises the risks of phishing and further attacks on other Apple partners. Neither Apple nor Luxshare had officially confirmed the breach at the time of publication.