Cyber Incident Victim: Foxsemicon Integrated Technology

On January 16, 2024, Foxsemicon Integrated Technology Inc., a semiconductor parts manufacturer affiliated with Hon Hai Technology Group (Foxconn), experienced a ransomware attack that hijacked its website. The attackers defaced the site with a message claiming they had stolen and encrypted 5 terabytes of company data, including personal information of customers and employees. The ransomware group threatened to publish this data online unless Foxsemicon paid an unspecified ransom. Specific threats were directed at customers, warning their personal data would be leaked, and at employees, stating their jobs would be at risk if management failed to cooperate. The attackers asserted they could "completely destroy Foxsemicon with no possibility of recovery." This marked the first known website defacement attack against a major Taiwanese corporation. Foxsemicon detected the intrusion and restored its Mandarin-language website by the afternoon of the same day, collaborating with cybersecurity experts to address the breach.

Despite partial recovery, Foxsemicon’s English-language website remained inaccessible as of the evening of January 16, still displaying the ransomware message. Sections of the Mandarin site, including corporate information and financial statements, also stayed offline. In a filing to the Taiwan Stock Exchange, the company confirmed the incident but did not disclose the ransom amount, whether negotiations occurred, or if any data had been exfiltrated. Foxsemicon stated its preliminary assessment indicated no significant operational impact. The company is approximately 15.22% owned by Hon Hai through subsidiaries, with Applied Materials Taiwan holding an 8.36% stake. The incident occurred amid a broader rise in cyberattacks in Taiwan, which recorded the highest global average of 1,509 weekly attacks during the first three quarters of 2023, though no direct link was established between this trend and the Foxsemicon breach.