Apple’s server designs could also be liable to publicity, due to a Might 2026 cyberattack that focused Foxconn.
Leaked paperwork could also be tip of the iceberg in Foxconn hack, as solely Apple server schematics have been shared up to now. Extra damaging paperwork could come later.
On Might 12, AppleInsider reported that ransomware group Nitrogen hacked into Foxconn amenities in North America. Initially, based mostly on the accessible pattern recordsdata, it appeared that the attackers did not get hold of any Apple documentation.
Nonetheless, further pattern recordsdata have now been supplied to AppleInsider, together with greater than 30 confidential Apple paperwork, all of which seem like real. We have analyzed the newly accessible pattern, and whereas we can’t share any hyperlinks, the recordsdata have all of the hallmarks of real Apple documentation.
Nitrogen managed to acquire schematics detailing Apple server part designs from March 2026 and late 2025. Apple server rack specs and manuals, from 2020 by means of 2023, have been additionally stolen.
The server schematics have been created utilizing Siemens NX and are in keeping with the format and magnificence utilized by Apple. Dimensions for varied brackets, parts, and spacers are described within the paperwork, as is the chassis design of an inside Apple server.
Apple’s Matterhorn mission and different server particulars
Most important among the many recordsdata taken was an summary of Apple’s Matterhorn mission, detailing Apple server configurations that make the most of Intel’s Whitley and Eagle Stream platforms. The doc covers the specs of Apple servers, in addition to their board structure and structure.
Recordsdata associated to Apple and Google servers have been stolen from Foxconn.
Per the doc, Apple’s high-end servers used two 32-core Intel Ice Lake CPUs, extra generally often called third Gen Intel Xeon Scalable processors, at 2.2GHz. Additionally they featured 24 sticks of 128GB DDR4 RAM and Nvidia T4 GPUs, and a number of 8TB NVMe drives, amongst different issues.
Nitrogen additionally acquired confidential Intel paperwork, detailing debugging and JTAG processes for the aforementioned Xeon-focused platforms. These recordsdata comprise the safety layers, board designs, and different facets of Intel {hardware}.
Although these Intel-based server configurations have doubtless since been changed with extra highly effective Apple Silicon variants, the gathering of paperwork presents a novel have a look at the processing energy Apple wanted as just lately as 2023.
As for Apple server-related guides and specification paperwork, Nitrogen supplied 4 recordsdata:
- Apple AC Rack Specification
- Apple Bulk and Single Packaging Necessities
- Apple Matterhorn RoT Mezzanine Data
- Apple Server and Storage — Mechanical, Thermal, Industrial, and Packaging Specs
The Apple paperwork themselves seem like real. Three of them have been written by Apple’s Information Middle {Hardware} and Infrastructure Mechanical Growth Chief, Kelly Smith. Clifford Gaw, Apple’s System {Hardware} Lead, wrote the fourth doc within the pattern.
These recordsdata element the bodily properties of the server racks Apple makes use of internally, from their dimensions and authorised colours to the utmost weight they will carry. Additionally current are directions for sustaining airflow, leveling ft, mounting facet panels, conducting security and stability assessments, and extra.
Nitrogen seemingly did handle to get its arms on actual Apple paperwork. Nonetheless, they are not helpful for a lot of something, except you’ve an Apple server mendacity round, or a complete rack stuffed with them.
Absent from the pattern recordsdata is something associated to the chips powering Apple Silicon-based servers or something detailing the aim of the servers themselves. Server chassis and bracket schematics alone will not be a priority for Apple.
If the ransomware group really has further particulars relating to Apple Silicon servers, together with their motherboard layouts, configurations, and the whole variety of servers produced, Apple might face points. Rival AI firms, for example, would possibly copy Apple’s designs or iterate upon them.
Apple has arguably already fallen behind within the AI race, provided that Siri’s private context characteristic introduced at WWDC 2024 nonetheless is not right here. Compromised server designs actually will not assist.
Nonetheless, Apple is not the one firm that has to fret about confidential recordsdata reaching its rivals. Foxconn assembles quite a lot of electronics, parts, and merchandise for a number of tech giants.
Except for schematics and instruction manuals for Apple servers, Nitrogen stole paperwork associated to confidential AMD, Broadcom, Google, Intel, Hewlett-Packard, Micron, Nvidia, Samsung, and Seagate initiatives.
Inner paperwork associated to Google servers have been among the many recordsdata taken from Foxconn.
Additionally among the many recordsdata have been paperwork from Altera, Ampere, Amphenol Energy Options, Avago, Hilisin, Holy Stone Enterprise, ITG Electronics, Infineon, JCTC, Lotes, Molex, Nexperia, PennEngineering, Puya, Renesas, TA-i Know-how, TXC, Walsin, Winbond, and Yageo.
A number of paperwork associated to the Foxconn-owned Cloud Community Know-how, based mostly in Houston, Texas, have been additionally within the pattern supplied. This features a delivery label for tools despatched by Hewlett-Packard, amongst different issues.
AMD paperwork embrace a motherboard design information for FL1 processors and SP5 sockets, and technical specs for the MI300X-O Common Base Board. The attackers acquired Nvidia paperwork containing printed circuit board fabrication specs, board dealing with necessities, and extra.
Recordsdata associated to the HGX Blackwell 8-GPU, the HGX H20 8-GPU, and the HGX Hopper 8-GPU, together with paperwork regarding the GB NVL 72, GB 200 NVL, and GB 300 NVL72 compute trays, are current as properly. There’s additionally a file associated to the Nvidia Tesla GH200 module.
Paperwork from Hewlett-Packard and Google additionally pertain to server parts and server designs.
A number of Hewlett-Packard and Foxconn recordsdata, for example, describe an enterprise server often called the HPE Hoth Tromper. Board designs for this server are additionally current. The Google GhostFish Fish shelf, in the meantime, is detailed in a separate test-related doc.
Additionally obtained by the group have been recordsdata detailing the technical specs of Micron DDR4 SDRAM and Samsung’s 16GB DDR4 SDRAM modules and their varied parts.
Paperwork regarding storage gadgets have been additionally current, with one file, for example, detailing the Seagate Exos 2×18 mechanical arduous drive design.
Practically all the paperwork within the pattern supplied by Nitrogen are in English and are seemingly associated to Foxconn amenities in North America. Nonetheless, the ransomware group additionally included PDFs of Foxconn emails in Chinese language, although the content material stays server-related.
A few of the recordsdata taken from Foxconn comprise regulatory compliance info or element {hardware} testing procedures.
Total, almost every little thing taken from Foxconn seems to be server-focused. There don’t seem like paperwork from Foxconn’s Guanlan and Zhengzhou amenities, which assemble different Apple merchandise, just like the iPhone.
There’s additionally nothing associated to iPad, Mac, or Apple Imaginative and prescient Professional meeting, regardless of Foxconn taking part in a key half within the manufacturing of those system strains.
Foxconn’s meeting crops in North America, such because the one in Mount Nice, Wisconsin, or the one in Houston, Texas, do not assemble Apple merchandise past servers, so it is no shock that no iPhone-related paperwork appeared.
The complete scope of the Foxconn cyberattack, nevertheless, stays undetermined, because the ransomware group accountable says it stole over 11 million recordsdata, allegedly equating to eight terabytes.
Because it presently stands, it doesn’t seem that this assault will yield any vital Apple design leaks.
