BREAKING AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack
Connect with us

Hi, what are you looking for?


Data Breaches

Ransomware Group Targets Foxconn Subsidiary Foxsemicon

Foxsemicon’s website defaced with a message from the LockBit ransomware group, which claims to have stolen 5 Tb of data.

Ransomware Report

Foxsemicon Integrated Technology, a subsidiary of Taiwanese electronics giant Foxconn, appears to have been targeted by the notorious LockBit ransomware group.

Foxsemicon specializes in semiconductor equipment manufacturing. The company’s website was defaced this week with a message claiming that data has been stolen and encrypted. The message said 5 Tb of data has been taken from the company’s systems.

The cybercriminals claimed to have obtained personal data belonging to customers and employees, and threatened to make it public on their leak website unless a ransom is paid. 

The hackers’ message told employees that they will lose their job as they are allegedly “able to completely destroy Foxsemicon with no possibility of recovery”. It’s not uncommon for ransomware gangs to exaggerate their claims in an effort to put more pressure on the victim. 

The message posted on the defaced website also advised the company not to contact any ransomware recovery services or insurance firms. The exact ransom amount is unclear, but this part of the message does mention a $1 million ransom as an example.

While the incident may turn out to have a big impact, Foxsemicon told the Taiwan Stock Exchange that its initial assessment indicates the incident should not have a significant impact on its operations. 

The Foxsemicon website has been restored at the time of writing.

The ransomware group did not name itself on the defaced Foxsemicon website, but the links provided to the company point to the LockBit Tor-based leak website. 

LockBit does not typically deface victims’ websites, but major ransomware groups have been known to experiment with various tactics to increase their chances of getting paid. 

Advertisement. Scroll to continue reading.

Foxsemicon has yet to be listed on LockBit’s site. The cybercrime gang, which has been running the world’s largest and most active ransomware operation, has targeted several other semiconductor companies in the past year, including Taiwan Semiconductor Manufacturing Company (TSMC), from which it initially demanded a $70 million ransom.

Related: Russian National Arrested, Charged in US Over Role in LockBit Ransomware Attacks

Related: US Organizations Paid $91 Million to LockBit Ransomware Gang

Related: LoanDepot Takes Systems Offline Following Ransomware Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.


Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.


People on the Move

ICS and OT cybersecurity solutions provider TXOne Networks appoints Stephen Driggers as new CRO

Identity orchestration provider Strata Identity appoints Aldo Pietropaolo as Field CTO

Cybersecurity provider for the aviation industry Cyviation has appointed Eliran Almog as Chief Executive Officer.

More People On The Move

Expert Insights