Massive Luxshare Breach Exposes 1 TB of Confidential Apple Data

Leaked archives include 3D CAD models and internal workflows for unreleased products
By Chris Hauk
2 Min Read
mysterious hacker in hoodie cybersurfing on two keyboards Sergey Nivens / Shutterstock
Text Size
- +

Toggle Dark Mode

Apple supply partner Luxshare was hit with a major cyberattack in December in which hackers likely gleaned sensitive information on many of the firm’s customers. Details of the attack are finally beginning to emerge, with Cybernews reporting that more than 1 TB of confidential Apple information was included in the data harvested from the Chinese firm’s systems during the incident.

The attack was first disclosed on December 15, 2025, by the ransomware group RansomHub, which claimed to have entered Luxshare’s internal systems and collected massive volumes of top secret data belonging to the firm and its high-profile customers. The group threatened to go public with the information after claiming Luxshare executives attempted to conceal the incident rather than negotiate.

Security experts have declared RansomHub to be one of the most prolific ransomware-as-a-service (RaaS) operations around, primarily targeting the industrial manufacturing and healthcare industries.

This Limited-Time Microsoft Office Deal Gets You Lifetime Access for Just $39

Sick and tired of subscriptions? Get a lifetime license for Microsoft Office Home and Business 2021 at a great price!

What Was Stolen?

Cybernews researchers reviewed samples of the leaked data and believe it to be legitimate. The cache includes internal highly confidential Luxshare documentation related to Apple projects dating from 2019 to 2025. Since Luxshare assembles several mainstream products like the iPhone, AirPods, and Apple Watch, this suggests the breach is likely to contain sensitive information on unreleased products.

The stolen archives reportedly include:

  • Technical Designs: 3D CAD product models, high-precision geometric files (Parasolid), and 2D manufacturing drawings.
  • Engineering Data: Circuit board layouts, electrical architecture, and internal engineering PDFs.
  • Logistics: Confidential repair procedures and internal workflow descriptions between Apple and Luxshare.
  • Personnel Data: Full names, job titles, and work email addresses of employees involved in these projects.

In addition to Apple’s confidential product data, RansomHub also claims to be in possession of confidential information from other tech giants, including Nvidia, LG, Tesla, and Geely.

Beyond Product Rumors

phishing attacks dangerous
Tero Vesalainen / Shutterstock

While the rumor mill will undoubtedly be eager to see any leaked product specifications, this data breach has much more serious consequences. The exposure of contact information and internal workflows could leave employees of Apple and its production partners vulnerable to targeted phishing and sophisticated social engineering attacks.

In a statement posted to their dark web site, the attackers taunted Luxshare’s leadership, claiming they’d given executives plenty of time to respond and negotiate a ransom:

We were waiting for you for quite some time, but it seems that your IT department decided to conceal the incident that took place in your company. We strongly recommend that you contact us to prevent your confidential data and project documents from being leaked.

While Apple and Luxshare have yet to officially comment on the breach, it certainly looks like the group of cybercriminals delivered a significant blow to the security and secrecy of Apple’s global supply chain. It could be months or years before we see the full fallout of this attack.

Share
Sponsored
Social Sharing