Foxconn Hacked, Personal Info Leaked -- Redmondmag.com

Foxconn Hacked, Personal Info Leaked

By Chris Paoli
02/09/2012

Internal data of Foxconn was hacked and leaked online in light of recent reports of the company's poor working conditions.

The Chinese plant, responsible for assembling 40 percent of all consumer electronic devices, including Apple's iPhone, had personal data stolen and uploaded online by a group called Security Swagg.

More specifically, the data dump contains ID information and IP addresses of Foxconn's global sales managers, and e-mail lists and customer purchases from partners around the globe. Along with Apple, Intel, Microsoft and IBM also uses the Chinese factory for its electronic assembly.

While the group has taken responsibility for the theft, it said the motivation for the action was not entirely based on news reports (including this January New York Times article) of employee dissatisfaction. "Although we are considerably disappointed of the conditions of Foxconn, we are not hacking a corporation for such a reason and although we are slightly interested in the existence of an iPhone 5, we are not hacking for this reason," said Security Swagg, in an online message

According to 9To5Mac, which was the first outlet to report on the hack, Security Swagg was able to gain access to the company's network using an unpatched vulnerability in Internet Explorer.

The hacker group also provided more details on how the attack was executed: "Foxconn did have an appropriate firewall, but fortunately to our intent, we were able to bypass it almost flawlessly. Of course with funding ourselves we did have our limitations. But with several hacking techniques employed, and a couple of days in time, we were able to dump most of everything of significance."

Security Swagg, which appears to be relatively new to the hacker scene, has many similarities to the group LulzSec, in that its main motivation for hacking is not for political or social reasons (like Anonymous), but purely to cause chaos for its own entertainment.

"We believe there is no reality in hacktivism, even with good intentions. We know those who claim to be 'hacktivists' that inside of you, a suppressed part of you, enjoys playing a part in the anarchist event of hacking of an infrastructure," the group wrote.

Responding to questions on the attack, Foxconn told Computerworld that the company "does not comment on matters of internal network security."

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

Cisco Warns of Brute Force Attacks Targeting VPNs and Firewalls

Cisco has revealed that a global increase in brute force attacks targeting Virtual Private Networks (VPNs) and other devices is currently taking place.
What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.