Updated: A hacker appears to have broken into a server of Toshiba America and dumped usernames and passwords on what it claims are 450 of the company's customers, about 20 resellers, plus a futher dozen administrators.
Users of the US Electronic Components and Semiconductors and Consumer Products wings appeared to be those exposed by the hack.
Toshiba was not immediately available for comment.
A Toshiba service portal appeared to be the source of the hack. The site was defaced, but a cache of the page revealed it contained a log in portal for Toshiba servicing.
The Scandinavian hacker, known as V0iD, said the entire stolen database contains some 10,000 usernames, email and street addresses, passwords and phone numbers,.
"There is total 14 'user' lists. Who the **** knows where they go?" it said in a pastebin dump. "That's not the purpose; try with Facebook, email, PayPal and other crap."
Usernames and passwords were revealed in clear text.
The group claimed to have databases including Toshiba's Interactive Merchandising Support System, Concierge help, and a blog site.
V0iD said the attack was a SQL-injection and used a SQL fuzzer script written in Python.
"It was a easy hack, no doubt," V0iD said in a email to SC. "I have hacked many big companies through my time - bank systems, newspapers and other .gov sites."
The hacker said they attacked Toshiba because its "security was a little bad", first name.
"I have hacked for about three years now. My motivation is that security is serious business. I see hacking as a democratic revolt."
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=271&w=480&c=1&s=1)
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
