Hackers sells data center logins for major corporations

Share post:

According to cybersecurity researchers Resecurity Inc., hackers have been found selling access to some of the world’s largest corporations’ data centers on underground forums. The login credentials were being sold for prices ranging from a few thousand to hundreds of thousands of dollars. The hackers are thought to have gained access via phishing emails or by exploiting known vulnerabilities in the systems.

The data center login credentials being sold allow unauthorized access to sensitive information such as corporate secrets, financial information, and customer personal data. This type of data could be used for a variety of malicious purposes, including corporate espionage, identity theft, and financial fraud.

According to Resecurity, the hackers had access to the login credentials for more than a year before posting it for sale on the dark web last month for $175,000, claiming they were overwhelmed by the volume of it.

The email addresses and passwords could have allowed hackers to pose as authorized users on the customer service websites. According to Resecurity, the security firm discovered the data caches in September 2021 and said it also discovered evidence the hackers were using it to access accounts of GDS and STT GDC customers as recently as January, when both data center operators forced customer password resets. Even without valid passwords, the data would be valuable, allowing hackers to craft targeted phishing emails against people with high-level access to their companies’ networks.

It’s unclear what the hackers did with the other logins. Credentials for some of the world’s largest companies were included, including Alibaba Group Holding Ltd., Amazon.com Inc., Apple Inc., BMW AG, Goldman Sachs Group Inc., Huawei Technologies Co., Microsoft Corp., and Walmart Inc.

Resecurity is urging businesses to take precautions to protect their systems, such as regularly updating software, training employees to recognize and avoid phishing attacks, and implementing multi-factor authentication.

The sources for this piece include an article in DataCenterKnowledge.

SUBSCRIBE NOW

Related articles

Intel CEO Pat Gelsinger Retires Amid Record Losses and Ongoing Restructuring

Intel CEO Pat Gelsinger has announced his retirement effective December 1, marking the end of a challenging tenure...

Qualcomm Explores Potential Acquisition of Intel

In a shocking turn of events in the semiconductor industry, Qualcomm has, as reported in the New York...

Intel’s contract manufacturing hits setback with quality issues

Intel’s contract manufacturing business has encountered a major setback after silicon wafers produced for Broadcom failed to meet...

Dell has another major round of layoffs

Dell has initiated another round of layoffs, affecting a significant number of employees, including long-term company veterans. HR...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways