Approximately 2,000 companies, as well as China’s foreign exchange platform that use two data centers in Asia, have discovered that their login passwords are being sold by hackers.
Data centers run by GDS Holdings in Shanghai and ST Telemedia Global Data in Singapore, have apparently been hacked. As reported by Bloomberg, the stolen login credentials are linked to customer support websites, and at least five of the sites have been accessed using the stolen login information, including China’s main foreign exchange and debt trading platform and four others from India.
While the hackers responsible for the data breach apparently had the credentials for a year, they waited until January 2023 to offer them for sale for the bargain price of $175,000.
The hackers say they have confirmed that some credentials work, but have been unable to confirm that they all worked.
“I used some targets,” the hackers are said to have posted. “But unable to handle as total number of companies is over 2,000.”
The information included credentials for some of the world’s biggest companies, including Alibaba Group Holding Ltd., Amazon.com Inc., Apple Inc., BMW AG, Goldman Sachs Group Inc., Huawei Technologies Co., Microsoft Corp. , and Walmart Inc.
Bloomberg says many companies declined to comment, and Apple also failed to respond to comment requests.
A spokesman for Microsoft did say, “We regularly monitor for threats that could impact Microsoft and when potential threats are identified we take appropriate action to protect Microsoft and our customers.”
A spokesperson from Goldman Sachs also responded, saying, “We have in place additional controls to protect against this type of breach, and we are satisfied that our data was not at risk.”
The hack was discovered by cybersecurity research firm Resecurity, which infiltrated the hacking group.