Home

Foxconn Hacked – Passwords posted online.

This news was first announced by 9to5 Mac;

 

 

Hacker group SwaggSec just released a dump of Foxconn internal information, including a mail server login/password dump and logins to various online procurement sites and Intranets. The hack seems to be a retaliation for the working conditions that have swarmed the news lately. The hackers gained access through an unpatched Internet Explorer vulnerability used by a worker inside Foxconn.–9to5Mac

Foxconn is one of Apple’s key suppliers for products like the iPhone and iPad.

Rather embarrassingly for Apple amongst others was their choice of password to Foxconn’s online procurement system ‘foxconn2’. Not exactly the most secure password they could have chosen. I bet the individual who created that password might have some awkward questions to answer at Apple.

Foxconn data Extract

Even more chilling is this comment in Swaggsec’s statement.

We now appropriately give consent to other individuals reading this release, to scavenge through the leaks acquiring usernames and passwords; while attempting to find if they use the passwords anywhere else. Remember damage is bliss.–Swaggsec

A few days ago I posted an article about the risks of using weak passwords and having the same password for multiple sites. Even if you take your online security seriously; use a firewall, have anti-virus software and be very careful what you access on-line, your username and password is still only as secure as the 3rd party site that it is registered with.

Not many of the readers of this blog are likely to have an account with Foxconn, but the key point is make sure that all your passwords are secure and unique. If just one website that you are registered on is compromised, you could give that person access to any other site that uses the same username and password combination.

Take a look at my article on 1Password, an app from Agilebits to help you create and manage secure online passwords to all your online accounts.



%d bloggers like this: