Apple supplier Foxconn now has another crisis on its hands, this time after falling victim to a hack that has exposed the private details of staff.
(Screenshot by Lance Whitney/CNET)
A group of hackers known as Swagg Security is taking credit for a breach of Foxconn network security, resulting in the theft of usernames, passwords and other private information.
In a series of Twitter posts yesterday, the group boasted that it publicly released the information on the Pirate Bay website as well as on Pastebin. The attack grabbed the credentials of every Foxconn employee, according to 9to5Mac, including Terry Gou, CEO of parent company Hon Hai Industries.
Beyond damaging Foxconn internally, the stolen information could also create trouble for some of the company’s technology partners.
“The passwords inside these files could allow individuals to make fraudulent orders under big companies like Microsoft, Apple, IBM, Intel and Dell,” Swagg Security said on its Pastebin page. “Be careful ; )”
In response, Foxconn has taken down a website explaining the services it provides to some of its key partners, including Apple, HP, Cisco and Acer.
The group apparently was able to sneak past Foxconn’s security by taking advantage of vulnerabilities in an outdated version of Internet Explorer used by one of the company’s workers. Swagg Security even warned its intended victim on 26 January to make sure its browsers were up to date, but it didn’t name Foxconn as that victim.
Accessing some of the log-in information, 9to5Mac confirmed that the usernames and passwords did provide access to several Foxconn servers, most of them hosting intranet sites for company clients.
Why Foxconn? Simple answer.
Swagg Security staged its attack in response to all the reports of poor and demeaning working conditions at the manufacturer’s factories across China.
Both Foxconn and Apple have been hit by complaints over the treatment of workers at the various plants. Both companies have defended themselves, publicly stating that factory worker conditions are of great concern.
Apparently, Foxconn’s and Apple’s statements haven’t been enough to convince the people behind Swagg Security.
“So Foxconn thinks they got ’em some swagger because they work with the Big Boys from Intel, Microsoft, IBM and Apple? Fool, you don’t know what swagger is,” the group boasted on its Pastebin page. “They say you got your employees all worked up, committing suicide ‘n stuff. They say you hire Chinese workers ’cause you think the Taiwanese are elite. We got somethin’ served up good … real good. Your not gonna know what hit you by the time you finish this release. Your company gonna’ crumble, and you deserve it.”
Asked about the breach, a Foxconn spokesperson said that the company does not comment on matters of internal network security.
Via CNET
Views: 0