Cyber Incident Victim: Delta Electronics, Inc.

Date: Jan 2022

Location: Taiwan

Summary

A Taiwanese electronics manufacturer and key supplier to major tech firms suffered a Conti ransomware attack that encrypted over 1,500 servers and 12,000 workstations, though production systems reportedly remained unaffected. The company detected the intrusion immediately, engaged Trend Micro and Microsoft for containment, and initiated recovery efforts while operating customer communications through alternate web infrastructure. Attackers demanded a $15 million ransom, with negotiations seemingly ongoing as the victim's name had not appeared on the ransomware group's leak site at the time of reporting. Internal assessments contradicted public statements by revealing widespread encryption across the organization's systems, with full restoration still pending.

Description

On January 21, 2022, Delta Electronics, a Taiwanese electronics manufacturer and key supplier of power components to Apple and Tesla, suffered a ransomware attack attributed to the Conti group. The company detected the intrusion immediately and initiated containment measures, isolating infected systems while launching recovery efforts. Delta publicly stated the incident did not disrupt production systems, emphasizing continuity in manufacturing operations. However, an internal report obtained by CTWANT revealed a more severe impact, with attackers encrypting over 1,500 servers and 12,000 workstations from Delta’s 65,000-device network infrastructure. Forensic analysis identified the malware as a variant of Conti ransomware, with a sample hash of 5ace33358a8b11ae52050d02d2d6705f04bd47a27c6c6e28ef65028bbfaf5da9. The attackers demanded a $15 million ransom, though Delta’s absence from Conti’s leak site as of January 18 suggested ongoing negotiations between the parties.

Delta engaged cybersecurity firms Trend Micro and Microsoft to assist with containment and remediation. The attack forced the company to take its official websites offline, requiring the deployment of alternative web servers to maintain customer communications. A source familiar with the incident reported that most affected systems remained unrecovered days after the attack, indicating prolonged operational disruption. Despite Delta’s public assurances regarding production stability, the scale of the encryption—affecting nearly 20% of its computer fleet—pointed to a significant compromise of its IT infrastructure. The company had not issued further public statements beyond its initial disclosure to stock market authorities, and its spokesperson did not respond to media inquiries by the time of The Record’s January 18 report.