Why it matters: On May 31, a ransomware group using Lockbit 2.0 attacked Foxconn's factory in Tijuana, threatening to divulge sensitive information if the company didn't pay a ransom by June 11. The ransom amount is unknown but could be in the tens of millions, judging by past attacks.

Foxconn has just confirmed that one of its production plants got hit by a ransomware attack in late May, disrupting production. The company didn't disclose who the perpetrators were, but a cybercrime group using the Lockbit 2.0 ransomware has already claimed responsibility.

The affected factory is located in Tijuana, on the border with San Diego, California, and it mainly manufactures LCD TVs for the Americas region. Foxconn bought the facility from Sony back in 2009.

A company spokesperson claimed that its cybersecurity team is carrying out a data recovery plan and that the factory is slowly ramping up production capacity back to normal. It's unknown whether this means that Foxconn managed to mitigate the attack independently or if it reached an agreement with the criminals.

Foxconn produces various consumer electronics for many brands. Notable products manufactured by the company include the iPhone, iPad, Kindle, and gaming consoles from Microsoft, Nintendo, and Sony. As a result, the criminals might be in possession of valuable intellectual property shared under non-disclosure agreements, and a leak could have disastrous consequences both for Foxconn and its customers.

This isn't the first time one of Foxconn's facilities in Mexico got impacted by a ransomware attack. In 2020, the DoppelPaymer ransomware group announced that it had attacked one of the company's factories in Ciudad Juárez. The attackers claimed that they stole approximately 100 GB of data and were demanding a ransom payment of $34 million in bitcoin.