X

Apple supplier Foxconn hit by hackers

A hacking group calling itself Swagg Security claims to have breached network security and publicly released names, passwords, and other private data from the Apple supplier.

Lance Whitney Contributing Writer
Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.
Lance Whitney
2 min read
Screenshot by Lance Whitney/CNET

Apple supplier Foxconn now has another crisis on its hands.

A group of hackers known as Swagg Security is taking credit for a breach of Foxconn network security, resulting in the theft of usernames, passwords, and other private information.

In a series of Twitter posts yesterday, the group boasted that it publicly released the information on the Pirate Bay Web site as well as on Pastebin. The attack grabbed the credentials of every Foxconn employee, according to 9to5Mac, including Terry Gou, CEO of parent Hon Hai Industries.

Beyond damaging Foxconn internally, the stolen information could also create trouble for some of the company's technology partners.

"The passwords inside these files could allow individuals to make fraudulent orders under big companies like Microsoft, Apple, IBM, Intel, and Dell," Swagg Security said on its Pastebin page. Be careful ; )"

In response, Foxconn has taken down a Web site (Google cached version) explaining the services it provides to some of its key partners, including Apple, HP, Cisco, and Acer.

The group apparently was able to sneak past Foxconn's security by taking advantage of vulnerabilites in an outdated version of Internet Explorer used by one of the company's workers. Swagg Security even warned its intended victim on January 26 to make sure its browsers were up-to-date though it didn't name Foxconn as that victim.

Accessing some of the log-in information, 9to5Mac confirmed that the usernames and passwords did provide access to several Foxconn servers, most of them hosting intranet sites for company clients.

Why Foxconn? Simple answer.

Swagg Security staged its attack in response to all the reports of poor and demeaning working conditions at the manufacturer's factories across China.

Both Foxconn and Apple have been been hit by complaints over the treatment of workers at the various plants. Both companies have defended themselves, publicly stating that factory worker conditions are of great concern.

(Editors' note: Critics of Apple and Foxconn are delivering petitions to a number of Apple stores today, demanding an "ethical" iPhone 5. CNET is covering events in New York and San Francisco.)

Apparently, Foxconn's and Apple's statements haven't been enough to convince the people behind Swagg Security.

"So Foxconn thinks they got 'em some swagger because they work with the Big Boys from Intel, Microsoft, IBM, and Apple? Fool, You don't know what swagger is," the group boasted on its Pastebin page. "They say you got your employees all worked up, committing suicide 'n stuff. They say you hire chinese workers 'cause you think the taiwanese are elite. We got somethin' served up good...real good. Your not gonna' know what hit you by the time you finish this release. Your company gonna' crumble, and you deserve it."

Asked about the breach, a Foxconn spokeswoman told CNET that the company does not comment on matters of internal network security.