Luxshare, a key Apple supplier based in China, has reportedly suffered a major data breach. If legitimate, the cyberattack could include sensitive and confidential information about products from Apple and other major tech companies.
As reported by Cybernews and Hackread, the ransomware group RansomHub is taking credit for the attack. The attackers took to their dark web forum last month to reveal that they’ve obtained engineering data that is dated December 15, 2025.
RansomHub alleges that Luxshare has attempted to “conceal the incident” internally. Nonetheless, the attackers urge Luxshare to contact them in order to prevent the information from being released to the public.
“We were waiting for you for quite some time, but it seems that your IT department decided to conceal the incident that took place in your company. We strongly recommend that you contact us to prevent your confidential data and project documents from being leaked,” the group says in its post.
The attackers claim they have obtained “sensitive business operations” from Apple, Nvidia, LG, Tesla, and other major companies. This includes confidential 3D CAD product models and engineering designs, device repair information, shipping timelines and processes, and more. The files are dated from 2019 through 2025, which could mean that there is information about future Apple products included.
The data also includes personal identifiable information about people working on specific projects, including information about Appel employees working in collaboration with Luxshare. There’s also PCB manufacturing data, component drawings, engineering documentation, and geometric data
Even without information future Apple product information, Cybernews explains that the breach could have serious cybersecurity implications as well:
If confirmed, the attack could be disastrous for Luxshare and its partners. For one, attackers could sell the data to competitors who could utilize the stolen details to reverse-engineer products, bypass years of R&D, and manufacture counterfeits. The cybersecurity implications are also extreme as attackers could clearly uncover hardware vulnerabilities, chip locations, and power systems, which would be beneficial to target firmware or carry out supply chain attacks.
Luxshare and Apple have not confirmed the cyberattack or otherwise commented publicly. Luxshare is a key partner for Apple, collaborating on production of the iPhone, Apple Watch, AirPods, and more.
My favorite iPhone accessories
... continue reading