Hackers have obtained login credentials of data centers in Asia, used by some of the world’s largest businesses, according to cybersecurity firm Resecurity.
The hacked data involves emails and passwords for customer-support websites for two of the largest data center operators in Asia. About 2,000 customers of these two leading data centers were learnt to be affected, the report stated. It added that hackers have logged into the accounts of at least five of them. This includes China’s main foreign exchange and debt trading platform and four others from India, according to Resecurity, which said it infiltrated the hacking group.
Impact
The information included credentials in varying numbers for some of the world’s biggest companies, including Alibaba Group Holding Ltd., Amazon.com Inc., Apple Inc., BMW AG, Goldman Sachs Group Inc., Huawei Technologies Co., Microsoft Corp. and Walmart Inc., according to the security firm and hundreds of pages of documents that Bloomberg reviewed. It’s not clear what the hackers did with the other logins, Bloomberg noted.
Customer support website was breached. The customer-support websites control who is allowed to physically access the IT equipment housed in the data centers. The hackers had access to the login credentials for more than a year before posting it for sale on the dark web last month, for $175,000, saying they were overwhelmed by the volume of it, according to Resecurity.
Industry watchers opined that the application which was targeted by hackers is limited in scope and information to non-critical service functions, such as making ticketing requests, scheduling physical delivery of equipment and reviewing maintenance reports.
Globally, there has been an increase in the number of cyber attacks since the past 3 years. In October 2022, Australia’s largest telco Telstra said that it had suffered a ‘small data breach’, according to a report by Reuters. Telstra, which has 18.8 million customer accounts equivalent to three-quarters of Australia’s population, said an intrusion of a third-party organization exposed some employee data dating back to 2017.
In August 2022, Microsoft admitted a security breach in its Azure Cosmos DB cloud system affected customers, which included many Fortune 500 companies. Cloud infrastructure security company Wiz revealed details of a now-fixed Azure Cosmos database vulnerability that could have been potentially exploited to grant any Azure user full admin access to other customers’ database instances without any authorization.
Cosmos DB is Microsoft’s proprietary NoSQL database that’s advertised as “a fully managed service” that “takes database administration off your hands with automatic management, updates and patching.” The Redmond-based giant paid $40,000 to Wiz after the group explained to them that they had been able to access any control keys they wanted, enabling hackers to read, edit or delete data, according to a report by RT.
