Apple targeted in $50 million ransomware attack resulting in unprecedented schematic leaks

Apple has been targeted in a $50 million ransomware attack following the theft of a trove of engineering and manufacturing schematics of current and future products from Quanta, a Taiwan-based company that manufactures MacBooks and other products for Apple.

The leak, first reported by The Record, was carried out by REvil, a Russian hacking group that’s also known by the name Sodinokibi. The group had already begun posting the stolen images on April 20th, timed specifically to coincide with Apple’s latest “Spring Loaded” event, after Quanta refused to pay the $50 million ransom for the data. The group is now hoping to get Apple itself to pay up by May 1st, promising to continue to post new images from the leak daily until it does.

Quanta has confirmed that its servers were breached in a statement to Bloomberg, commenting: “Quanta Computer’s information security team has worked with external IT experts in response to cyber attacks on a small number of Quanta servers.” Quanta also says “there’s no material impact on the company’s business operation” as a result of the hack.

REvil has a history of similar ransomware attacks, Bleeping Computer points out, with the group also carrying out similar hacks on Acer and other companies in the past several months. But the Quanta attack — by virtue of its connection to Apple and the potential to reveal unannounced Apple hardware — marks the group’s highest-profile target yet.

The company hasn’t clarified the extent of the leak yet, but images leaked by REvil so far include schematics for Apple’s just-revealed iMac redesign — which, prior to yesterday, hadn’t been seen by anyone outside of Apple’s sphere of influence, lending credence to the fact that the documents are indeed accurate. The schematics also include warnings on nearly every page: “This is the property of Apple and it must be returned,” and they specify that the documents are not to be reproduced, copied, or published.

Also contained within the revealed files are manufacturing diagrams for Apple’s already-released 2020 M1 MacBook Air refresh and an as-yet-unreleased laptop that features additional ports in line with the existing rumors for the upcoming laptop refresh from Apple.

These documents were stolen and are being leaked to extort Apple and Quanta. Due to the nature of their origin, we believe it would be unethical to extensively report on their contents. We’ve reached out to Apple for comment and will update this post with any new information.