Major Apple Supplier Luxshare Hit by Data Breach Affecting Multiple Tech Giants

Luxshare, a major Apple manufacturing partner based in China, has reportedly suffered a large-scale data breach that could expose confidential product and engineering files.

The incident was first reported by Cybernews and Hackread, citing claims made by the ransomware group RansomHub.

If confirmed, the breach could affect not only Luxshare but several global technology companies that rely on the supplier for manufacturing and engineering support.

RansomHub claims access to recent engineering data

RansomHub says it obtained internal Luxshare data dated December 15, 2025. The group posted on its dark web forum last month, alleging that Luxshare attempted to contain the breach internally rather than disclose it publicly.

In its message, the attackers urged Luxshare to make contact to prevent the data from being leaked, warning that confidential project files could be released if no response is received.

We were waiting for you for quite some time, but it seems that your IT department decided to conceal the incident that took place in your company. We strongly recommend that you contact us to prevent your confidential data and project documents from being leaked,

Nvidia, LG, Tesla, and other major tech companies also allegedly affected

According to the attackers, the stolen data includes sensitive business and engineering information linked to Apple, Nvidia, LG, Tesla, and other major firms. The files reportedly span several years, from 2019 through 2025.

The data set is said to include 3D CAD models, PCB layouts, component drawings, engineering documentation, device repair information, and manufacturing and shipping processes. The wide date range raises concerns that information related to unreleased Apple products could be part of the breach.

Personal and manufacturing data may be included

Beyond product designs, the attackers claim the data contains personally identifiable information tied to people working on specific projects. This reportedly includes details related to Apple employees collaborating with Luxshare.

Manufacturing-specific data such as geometric models, chip placement, and power system layouts is also said to be part of the leaked material, which could have implications beyond intellectual property theft.

Potential security and supply chain risks

Cybernews warns that the breach could have serious cybersecurity consequences even if no future product details are revealed. Stolen engineering data could be sold to competitors, used to reverse-engineer hardware, or leveraged to produce counterfeit devices.

If confirmed, the attack could be disastrous for Luxshare and its partners. For one, attackers could sell the data to competitors who could utilize the stolen details to reverse-engineer products, bypass years of R&D, and manufacture counterfeits. The cybersecurity implications are also extreme as attackers could clearly uncover hardware vulnerabilities, chip locations, and power systems, which would be beneficial to target firmware or carry out supply chain attacks.

More critically, detailed hardware and system documentation could help attackers identify vulnerabilities, enabling targeted firmware exploits or supply chain attacks that are difficult to detect and mitigate.

No official confirmation yet

As of now, neither Luxshare nor Apple has publicly confirmed the breach or commented on the claims. Luxshare remains a key production partner for Apple, involved in manufacturing products such as the iPhone, Apple Watch, and AirPods.

Until more information is verified, the full impact remains unclear. However, the allegations highlight how deeply supply chain security is tied to the safety of modern consumer technology, especially for companies operating at Apple’s scale.