Toshiba website hacked – email addresses and passwords exposed

Toshiba logoToshiba announced this weekend that a web server run by its US sales subsidiary had been hacked, and the email addresses, telephone numbers and passwords of hundreds of customers had been compromised.

The Japanese electronics firm said that the server was run by Toshiba America Information Systems Inc., and held personal data relating to 7,520 customers. Fortunately, according to the firm, the personal information exposed did not include any credit card data.

Nevertheless, you don’t want your email address and password falling into hands of malicious hackers.

Not only could cybercriminals “try out” your passwords to see if they unlock any of your other online accounts (too many people use the same password on multiple websites), but they could also target you with attacks pretending to come from Toshiba.

Sign up to our free newsletter.
Security news, advice, and tips.

After all, you have a business relationship with Toshiba – so you would be less suspicious of opening an email or clicking on a link which appeared to have been sent by them. Especially if some clever social engineering made the email appear particularly enticing.

A Toshiba spokesperson told the Wall Street Journal, that the Toshiba subsidiary’s IT staff first noticed a problem with the web server on July 11th, and confirmed on July 13th that it had been hacked.

"We will continue the investigation and intend to thoroughly protect customers' information and manage (related computer) systems to prevent a recurrence."

All customers potentially affected by the hack are said to have been informed of the problem by the firm.

If you run a website it’s essential to ensure it is as secure as possible from hacker attacks.

If you haven’t already done so, read this informative paper by SophosLabs, “Securing websites”, which covers some of the issues.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.