Apple has been targeted in a $50 million ransomware attack following the theft of a sizeable amount of schematics related to manufacturing and engineering of current and future products from Quanta, a Taiwan-based company that serves as one of Appleโs suppliers for MacBooks and other products.
The leak,ย first reported byย The Record, was carried out by REvil, a Russian hacking group also known as Sodinokibi, which runs the infamous dark web data marketplace called โHappy Blogโ.
The ransomware gang posted a message on the dark web portalย claiming to have stolen the blueprints of various Apple gadgets. However, Quanta refused to pay the $50 million ransom for the stolen data.
As a result, the group posted stolen images including Appleโs newly revealed iMac redesign on April 20th to coincide with Appleโs latest โSpring Loadedโ event for maximum visibility.
Almost every page of the schematics included the phrase, โThis is the property of Apple and it must be returnedโ confirming the documents were legitimate. The leak also included manufacturing diagrams for Appleโs 2021 M1 MacBook Air as well as of an unreleased laptop.
REvil is now trying to get Apple (Quantaโs primary customer) itself to pay up by May 1st. The group plans to leak more schematics and images of Appleโs future potential products every day on the dark web until the ransom is paid by Apple or Quanta.
Further, the ransomware gang also hinted that the data of other companies might be leaked online. Besides Apple, Quanta also manufactures products for Microsoft, HP, Toshiba, Google, Facebook, Dellโs Alienware, Lenovo, LG, Blackberry, Fujitsu, Cisco, and Vizio.
โOur team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,โ the REvil operators wrote. โWe recommend that Apple buy back the available data by May 1.โ
Meanwhile, Quanta has confirmed that one of its servers was breached but didnโt provide information on how much data was stolen.
โQuanta Computerโs information security team has worked with external IT experts in response to cyber-attacks on a small number of Quanta servers,โ the company said in a statement reported by Bloomberg. โWeโve reported to and kept seamless communications with the relevant law enforcement and data protection authorities concerning recent abnormal activities observed. Thereโs no material impact on the companyโs business operation.โ
Quanta added that the small range of internal services affected by the incident has resumed and it is upgrading its cybersecurity level to protect its data as well as improving its existing infrastructure. However, Apple declined to comment on questions about the compromise.