Confidential Apple data hacked in claimed Luxshare attack

Highly confidential information concerning Apple, the company’s business practices, and designs has allegedly been hacked in a ransomware attack against a key Apple partner, Luxshare Precision Industry. The attacking group is called RansomHub, which claims to have purloined product data, confidential design files (including 3D CAD models), and personally identifiable employee information in the heist. The group is threatening to leak this information unless a ransom is paid. It also said it gathered equally sensitive information concerning Nvidia and LG during the attack. None of the concerned parties have confirmed the claims.

Who is Luxshare?

Luxshare assembles iPhones and AirPods and is the exclusive manufacturer of the Vision Pro. The Apple business is lucrative, generating around 70% of the company’s income, and Luxshare is also reported to have been signed up to make OpenAI’s hardware devices.

To some extent, it doesn’t matter whether the attack took place or not, because the story underlines one of the biggest weaknesses every company and every person faces in the digital world: you, your data and your business partner’s data are only ever as secure as your least secure partner.

That’s a fact that needs to be mulled over, particularly as a deeply unstable political environment means the profile of those carrying out these attacks is also changing. Attacks are sophisticated, follow complex attack vectors, can be financed by nation states, and can comprise multiple stages. “The total number of data breaches more than tripled between 2013 and 2022,” Apple said a couple of years ago. An attack against a single employee can be part of a multi-pronged assault on the protections of your key business partners.

Digital war zone

Charl van der Walt, head of security research for Orange Cyberdefense, warns: “We exist within a dense web of interdependence where a single weakness can enable mass compromise. Small businesses and critical services have become prime conduits to amplify economic and social consequences.”

This isn’t the first time a partner in the Apple — or any — space has been attacked. Apple partner Quanta was hit by ransomware in 2021. In recent years, we’ve seen a scourge of mercenary spyware. Just today, Jamf Threat Labs published a report exploring a DPRK-linked campaign that uses malicious GitHub repositories to deliver macOS malware through Visual Studio Code. (Jamf claims to have uncovered a JavaScript-based backdoor that provides remote code execution, persistent communication with command-and-control infrastructure and system fingerprinting on macOS systems.) The data shows us that the security environment is increasingly difficult.

Supply chains are under attack

The latest edition of Orange Cyberdefense’s annual Security Navigator report confirms the number of cyber extortion attacks has trebled since 2020, with parts of the supply chain — such as Luxshare — a particular target for such attacks. The group behind this attack is known to be one of the most active ransomware gangs around and primarily targets industrial manufacturing and healthcare. A CISA advisory tells us the group successfully breached around 210 targets in 2024 alone.

To protect themselves, enterprises must implement multi-layered, defense-in-depth protections, harden their endpoints, and use integrated management and security tools to ensure visibility across all potential attack vectors.

More than the OS

Part of this involves the operating system, of course, and Apple has always managed to provide that. (We don’t know whether the Luxshare systems that were attacked involved Macs, but I’m willing to bet they were not.) At a system level, Apple continues to invest in security across its systems, with tools like Lockdown Mode, Threat notifications, XProtect, Gatekeeper, and regular system patches helping keep its ecosystem secure.
But the claimed attack against a key Apple business partner illustrates that relying solely on operating system safety isn’t enough; it’s vitally important that any company put protections in place. Too many enterprises don’t do this. For example, just two years ago we learned that firewalls are disabled on 55% of Macs being used in businesses, while one in 20 devices has vulnerable applications installed. Apple’s recent decision to begin to push out essential security updates to users could not be better timed.

If it can happen at Luxshare…

As for the unfortunate incident at Luxshare, while it is too early to read too much into it, I think it likely that a combination of human error, and at least one unpatched vulnerability, potentially at a partner company, enabled the exploit to occur. If it can happen to a large and powerful company like Luxshare, it can certainly happen elsewhere; you must take precautions.