Apple supplier Foxconn has reportedly been hacked, exposing the usernames and passwords of the company's clients and employees. Hacker group SwaggSec just released a dump of Foxconn internal information, including a mail server login/password dump and logins to various online procurement sites and Intranets.
"We encourage media, security experts, and other interested individuals to explore our leaks. Foxconn did have an appropriate firewall, but fortunately to our intent, we were able to bypass it almost flawlessly. Of course with funding ourselves we did have our limitations. But with several hacking techniques employed, and a couple of days in time, we were able to dump most of everything of significance." Hacker said.
The group made a 6.04MB file available earlier this evening first on Demonoid, and then on The Pirate Bay which purported to contain login and password information for Foxconn's email servers, intranets, and various other company-affiliated sites.
Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology
Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.Join Now
9to5Mac was able to verify these logins worked, though the servers have now been disabled by Foxconn and logins no longer valid. According to the original posting the logins and passwords could allow individuals to make orders under company accounts such as Apple, IBM, Microsoft and Intel.
Mikko Hypponen, chief research officer at F-Secure, posted an image that showed details of the company's host naming system, including what looked like a list of customers. Foxconn, a major contract manufacturer of electronics including Apple's iPhone, has faced negative publicity repeatedly since 2010 following a string of suicides at the company's Chinese facilities.