On May 12, 2026, Foxconn -- the world's largest electronics manufacturer -- confirmed a cyberattack on its U.S. operations. The Nitrogen ransomware gang claimed responsibility, stating it had stolen 8 terabytes of data comprising over 11 million files from Foxconn facilities in Mount Pleasant, Wisconsin and Houston, Texas. While the breach primarily targeted corporate and intellectual property data, employees, contractors, and supply chain workers may also be affected. Here is what happened, who is at risk, and what you should do now.
What Happened in the Foxconn Breach
The Nitrogen ransomware gang, a relatively recent but increasingly aggressive threat group, targeted Foxconn's U.S. operations and gained access to internal systems at two major facilities:
- Mount Pleasant, Wisconsin: Foxconn's large-scale manufacturing complex, which produces server components and display panels.
- Houston, Texas: An operational site supporting Foxconn's U.S. business activities.
Nitrogen claims to have exfiltrated 8 terabytes of data -- over 11 million individual files -- before Foxconn detected and contained the breach. The stolen data spans a wide range of corporate, technical, and operational documents.
What Data Was Stolen
Based on Nitrogen's claims and Foxconn's disclosures, the stolen data includes:
- Confidential instructions and internal project documentation
- Technical hardware drawings and circuit board layouts
- Integrated circuit (IC) documentation
- Temperature sensor records
- Financial files
- Data related to projects for Intel, Apple, Google, Dell, and Nvidia
- Apple server component schematics from March 2026 and late 2025
- Rack specifications and manuals from 2020 through 2023
This Is Primarily a Corporate and IP Breach
The bulk of the stolen data is corporate intellectual property: hardware designs, circuit board layouts, project documentation, and technical specifications for products Foxconn manufactures for major technology companies. However, 11 million files across two major facilities almost certainly include employee records, contractor information, HR documents, and other files containing personal data. If you work or have worked at either affected facility, treat your personal information as potentially compromised.
Who Is Affected?
The Foxconn breach potentially affects several groups of people:
Current and Former Employees
Anyone who works or has worked at Foxconn's Mount Pleasant, Wisconsin or Houston, Texas facilities should assume their personal information may be part of the stolen data. Employee records typically contain names, addresses, Social Security numbers, dates of birth, bank account information for direct deposit, tax withholding forms, benefits enrollment data, and employment history.
Contractors and Temporary Workers
Foxconn's manufacturing operations rely heavily on contractors and temporary workers. These individuals often provide personal information during onboarding that is stored in the same systems as employee data. If you performed contract work at either affected facility, your data may be at risk.
Supply Chain Workers
The breach also has broader supply chain implications. Foxconn works with hundreds of suppliers and partners, and internal project documentation and financial files may contain contact information, contractual details, and other data about individuals at partner organizations. If your company does business with Foxconn's U.S. operations, you may want to assess whether your information was shared with and stored at the affected facilities.
Clients and Technology Partners
The stolen data includes project documentation related to Intel, Apple, Google, Dell, and Nvidia. While these are major corporations with their own security teams, the breach raises concerns about proprietary technical information and any personal contact data included in project files, communications, and partnership documents.
Do Not Wait for Official Notification
Breach notifications from large organizations can take weeks or months to reach affected individuals. Foxconn has confirmed the attack, but the full scope of personal data exposure is still being assessed. If you have any connection to Foxconn's Mount Pleasant or Houston facilities, take protective steps now rather than waiting for a formal notification letter. The steps below cost nothing and protect you regardless of whether your specific data was stolen.
Steps to Take Now
Whether you are a current employee, former employee, contractor, or supply chain partner, take these steps immediately:
1. Freeze Your Credit
Place a credit freeze at all three major credit bureaus -- Equifax, Experian, and TransUnion. This is free and prevents anyone from opening new credit accounts in your name. A freeze does not affect your existing accounts or credit score. You can temporarily lift the freeze whenever you need to apply for credit.
- Equifax: equifax.com/personal/credit-report-services/credit-freeze
- Experian: experian.com/freeze
- TransUnion: transunion.com/credit-freeze
2. Monitor Your Financial Accounts
Set up transaction alerts on all bank accounts, credit cards, and investment accounts. Review statements weekly for any unauthorized charges or withdrawals, no matter how small. Criminals often test stolen financial data with small transactions before attempting larger fraud.
3. Change Your Passwords
If you use (or have ever used) the same password for your Foxconn work accounts and any personal accounts, change those personal account passwords immediately. Use a password manager to generate strong, unique passwords for every account. Enable two-factor authentication wherever available, and prefer authenticator apps over SMS-based codes.
4. Watch for Phishing Attempts
After major breaches, criminals use stolen data to craft highly targeted phishing emails and texts. Be skeptical of any communication that:
- Claims to be from Foxconn, your HR department, or your benefits provider
- Asks you to verify personal information or click a link
- Creates urgency around an account issue or security alert
- References specific internal projects or coworker names (which may have been found in stolen files)
Verify any suspicious communication by contacting the sender through a known, trusted channel -- not by clicking links or calling numbers provided in the message.
5. File an IRS Identity Protection PIN
If your Social Security number may have been exposed, apply for an Identity Protection PIN (IP PIN) from the IRS at irs.gov/identity-theft-fraud-scams/get-an-identity-protection-pin. This six-digit number is required to file tax returns under your SSN, preventing criminals from filing fraudulent returns in your name.
6. Check Your Credit Reports
Request your free credit reports from all three bureaus at AnnualCreditReport.com. Review them carefully for any accounts, inquiries, or addresses you do not recognize. You are entitled to free weekly credit reports, so check regularly over the coming months.
7. Monitor for Dark Web Exposure
Stolen data from ransomware attacks frequently ends up on dark web marketplaces, either because the ransom was not paid or because copies of the data were sold despite a ransom payment. Monitoring the dark web for your personal information -- email addresses, Social Security number, phone numbers -- lets you know if your data is being actively traded or sold.
8. Document Everything
Keep records of every step you take: the date you froze your credit, confirmation numbers, emails sent and received, and any suspicious activity you notice. This documentation is essential if you need to file an identity theft report, dispute fraudulent charges, or make an insurance claim.
Broader Supply Chain Privacy Implications
The Foxconn breach highlights a growing vulnerability that extends beyond any single company. Foxconn manufactures components for many of the world's largest technology companies. When a manufacturer of this scale is breached, the ripple effects extend through the entire supply chain:
- Proprietary designs and schematics for products from Apple, Intel, Google, Dell, and Nvidia are now potentially in criminal hands.
- Supply chain attack potential: Technical documentation about hardware components could theoretically be used to identify vulnerabilities in finished products.
- Cascading data exposure: Contact information, project details, and communications between Foxconn and its partners expose individuals at multiple organizations, not just Foxconn itself.
This type of breach underscores why personal privacy protection cannot depend solely on your employer's security practices. Even organizations with substantial security budgets can be compromised, and when they are, your personal data goes with them.
How PrivacyOn Helps After a Data Breach
A data breach exposes your information, but data brokers amplify the damage. When criminals combine breached employee data with the personal details freely available on people-search sites -- your home address, phone number, relatives, and more -- they can bypass security questions, pass identity verification, and commit fraud with frightening efficiency.
PrivacyOn removes your personal information from over 100 data broker and people-search sites, reducing the amount of data available to criminals who may already have your name and SSN from a breach like Foxconn's. PrivacyOn monitors 24/7 for data reappearances and includes dark web monitoring to alert you if your information surfaces in underground marketplaces. Family plans cover up to 5 people -- so you can protect your entire household, not just yourself -- starting at just $8.33 per month. You cannot undo a breach, but you can control how much of your personal information remains exposed to those who would exploit it.