According to cybersecurity researchers Resecurity Inc., hackers have been found selling access to some of the world’s largest corporations’ data centers on underground forums. The login credentials were being sold for prices ranging from a few thousand to hundreds of thousands of dollars. The hackers are thought to have gained access via phishing emails or by exploiting known vulnerabilities in the systems.
The data center login credentials being sold allow unauthorized access to sensitive information such as corporate secrets, financial information, and customer personal data. This type of data could be used for a variety of malicious purposes, including corporate espionage, identity theft, and financial fraud.
According to Resecurity, the hackers had access to the login credentials for more than a year before posting it for sale on the dark web last month for $175,000, claiming they were overwhelmed by the volume of it.
The email addresses and passwords could have allowed hackers to pose as authorized users on the customer service websites. According to Resecurity, the security firm discovered the data caches in September 2021 and said it also discovered evidence the hackers were using it to access accounts of GDS and STT GDC customers as recently as January, when both data center operators forced customer password resets. Even without valid passwords, the data would be valuable, allowing hackers to craft targeted phishing emails against people with high-level access to their companies’ networks.
It’s unclear what the hackers did with the other logins. Credentials for some of the world’s largest companies were included, including Alibaba Group Holding Ltd., Amazon.com Inc., Apple Inc., BMW AG, Goldman Sachs Group Inc., Huawei Technologies Co., Microsoft Corp., and Walmart Inc.
Resecurity is urging businesses to take precautions to protect their systems, such as regularly updating software, training employees to recognize and avoid phishing attacks, and implementing multi-factor authentication.
The sources for this piece include an article in DataCenterKnowledge.
