Electronics manufacturer Foxconn has shut three client service portals after hackers published stolen data and login details.
Hackers calling themselves Swagg Security claim that the stolen data could be used to place fraudulent orders in the name of Foxconn’s clients, such as Apple and Dell. "The passwords inside these files could allow individuals to make fraudulent orders under big companies like Microsoft, Apple, IBM, Intel, and Dell," Swagg Security said.
Apple blog 9to5Mac tested the logins while the subdomains were still online on Wednesday evening, and claimed that the logins worked for "more than one Foxconn server". Most of the leaked subdomain passwords associated with individual vendors were just the word "foxconn".
Today, all three subdomains – services.foxconn.com, logistics.foxconn.com and gfmc.foxconn.com – are now offline. Cached version can be seen on Internet archive The Wayback Machine.
The hackers also dumped a list of logins to the Foxconn mail server, including that of CEO Terry Gou. The passwords are all encrypted.
In a statement accompanying the torrent download, Swagg Security said it hacked Foxconn more for "the hilarity that ensues when compromising and destroying an infrastructure" than to make a statement about working conditions in Foxconn’s factories.
It is not known whether Swagg Security is related to the hacking group SwagSec, which claimed responsbility for hacking late singer Amy Winehouse’s website last year.