Massive Data Breach at Luxshare Exposes Apple’s Confidential Product Plans
In a significant cybersecurity incident, Chinese manufacturing giant Luxshare, a key supplier for Apple, has fallen victim to a cyberattack resulting in the theft of over 1 terabyte of sensitive data. This breach has potentially exposed confidential information related to Apple’s product designs and manufacturing processes.
The cyberattack was first disclosed on December 15, 2025, when the hacker group RansomHub posted on their dark web leak site, claiming responsibility for infiltrating Luxshare’s internal systems. The group asserted that they had encrypted Luxshare’s data and exfiltrated substantial volumes of confidential information belonging to the company and its clients, including Apple. They threatened to release the stolen data publicly unless Luxshare engaged in negotiations, accusing the company of attempting to conceal the incident.
According to RansomHub’s claims, the stolen data encompasses critical files such as detailed 3D CAD product models, high-precision geometric files, 2D manufacturing drawings, mechanical component designs, circuit board layouts, and internal engineering PDFs. The group indicated that the archives include not only Apple product data but also information related to other major clients like Nvidia, LG, Tesla, and Geely.
The attackers stated that Luxshare’s management had been given time to respond but failed to do so. They emphasized that the stolen archives contained confidential project documentation protected under non-disclosure agreements. To substantiate their claims, the group provided data samples as proof of the breach.
Cybernews reported that its research team reviewed portions of the leaked sample data and found what appeared to be legitimate internal Luxshare documentation tied to Apple projects. The materials detailed confidential repair procedures and logistics workflows between Apple and Luxshare, including process descriptions, timelines, and partner coordination documents.
The sample data included files commonly used in product design and manufacturing workflows, such as .dwg and Gerber files, referencing projects spanning from 2019 through 2025. This suggests that unreleased products may be included in the compromised data. Additionally, the researchers noted that the sample data appeared to include personally identifiable information of individuals involved in Apple projects, such as full names, job titles, and work email addresses.
The exposure of detailed engineering designs and manufacturing documentation poses significant risks, including potential product reverse engineering, counterfeit manufacturing, and targeted attacks on hardware or firmware facilitated by in-depth knowledge of device layouts and component interactions. Furthermore, the disclosure of employee contact information and internal workflows could increase the risk of targeted phishing or subsequent intrusions against Apple’s other partners.
As of now, neither Apple nor Luxshare have publicly confirmed the cyberattack. The incident underscores the critical importance of robust cybersecurity measures within the supply chain, especially for companies handling sensitive and proprietary information.
