Skip to content
Techzine Global
  • Home
  • Topstories
  • Topics
    • Analytics
    • Applications
    • Collaboration
    • Data Management
    • Devices
    • Devops
    • Infrastructure
    • Privacy & Compliance
    • Security
  • Insights
    • All Insights
    • Agentic AI
    • Analytics
    • Cloud ERP
    • Generative AI
    • IT in Retail
    • NIS2
    • RSAC 2025 Conference
    • Security Platforms
    • SentinelOne
  • More
    • Become a partner
    • About us
    • Contact us
    • Terms and conditions
    • Privacy Policy
  • Techzine Global
  • Techzine Netherlands
  • Techzine Belgium
  • Techzine TV
  • ICTMagazine Netherlands
  • ICTMagazine Belgium
Techzine » News » Security » Hackers sell data center login credentials of large multinationals
3 min Security

Hackers sell data center login credentials of large multinationals

Sander AlmekindersFebruary 21, 2023 3:04 pmFebruary 21, 2023
Hackers sell data center login credentials of large multinationals

Cybercriminals put stolen login data from large companies up for sale in late January. The data came from a number of the companies’ Asian data centers.

This was discovered by security specialist Resecurity in an investigation ongoing since September 2021. According to the investigation, several data center providers, cloud service providers and MSPs in Asia have been affected by a sustained cyber attack. The cybercriminals, originating from China and some other Asian countries, set out to steal login credentials and other sensitive data from (large) customers.

Bloomberg writes that the affected data center providers are Shanghai-based GDS Holdings and Singapore-based ST Telemedia Global Datacenters. Companies from which login credentials and data were allegedly stolen include Alibaba, Amazon, Apple, BMW, Goldman Sachs, Huawei, Microsoft and Walmart.

Multi-year attacks

The attacks have a long evolution, Resecurity’s security experts discovered. The first malicious cyber activities were spotted in September 2021. During this first attack, the cybercriminals managed to get their hands on a list of CCTV cameras, followed by login credentials of operational employees of the data centers themselves and employees of customers operating in the data centers. In addition, they got their hands on data about services purchased and equipment deployed. In addition, they showed interest is the availability of a “remote hands service (RHS) that allows customers to remotely manage their servers in the data center and troubleshoot problems before that.

In the second wave of attacks, carried out throughout 2022, the cybercriminals again managed to steal a customer database with more than a thousand records at a Singapore data center company. This attack, however, was detected and eventually repelled.

The third and, for now, final episode of this attack occurred recently. Investigators discovered that the cybercriminals put the stolen login credentials and other data of major customers of the affected data center companies up for sale on the dark web. More specifically, this involves the RAMP platform that is mostly used by Initial Access Brokers (IABs) and ransomware criminals.

Also read: European companies plan to increase IT security budget over next three years

Impact unknown

The researchers say they cannot estimate the impact of this large-scale theft of login credentials and other data. By going public now about these attacks on the aforementioned data center providers, they hope to mitigate any impact, but also to create more awareness of this type of attack. Meanwhile, in addition to the affected companies, several CERTs of the affected countries have also been informed about the attack.

Tags:

data centers / hack / login credentials / multinational companies

"*" indicates required fields

Stay tuned, subscribe!

Nieuwsbrieven*
This field is for validation purposes and should be left unchanged.

Related

Vertiv launches OneCore for faster data center deployment

Broadcom launches Jericho4 for scalable data center networks

Qualcomm sets its sights on data centers with Oryon chips

OpenAI establishes Stargate Norway with 230 MW data center

Editor picks

Apple considered acquiring Mistral AI and Perplexity

Apple is said to have been in talks about the possible acquisition of...

Microsoft joins AI race at last: two models mark its first move

In March 2024, Microsoft set up its own AI team. The goal was clear: ...

China tries its hand at advanced AI chips without Nvidia: will it succeed?

Vendor lock-in is a ubiquitous problem. Anyone looking for AI chips w...

Infoblox turns DNS into cybersecurity’s first line of defense

Infoblox positions DNS as the earliest point of cyber threat preventi...

Techzine.tv

How VMware VCF 9 and Tanzu simplify enterprise automation

How VMware VCF 9 and Tanzu simplify enterprise automation

HPE's rise as a credible virtualization player started with Morpheus acquisition

HPE's rise as a credible virtualization player started with Morpheus acquisition

The unique IT challenges of Carnival Cruise Line's "floating cities"

The unique IT challenges of Carnival Cruise Line's "floating cities"

Accelerating SAP Adoption with AI: Interview with Thomas Pfiester at SAP Sapphire

Accelerating SAP Adoption with AI: Interview with Thomas Pfiester at SAP Sapphire

Read more on Security

Infoblox turns DNS into cybersecurity’s first line of defense
Top story

Infoblox turns DNS into cybersecurity’s first line of defense

Infoblox positions DNS as the earliest point of cyber threat prevention, claiming to block malicious infrastr...

Berry Zwets 22 hours ago
IGEL benefits from seismic VMware and Windows 10 shifts
Top story

IGEL benefits from seismic VMware and Windows 10 shifts

No matter how strong IT security is, cyberattacks are almost impossible to prevent. IGEL argues that endpoint...

Erik van Klinken August 22, 2025
Sophisticated attack hits WhatsApp users

Sophisticated attack hits WhatsApp users

WhatsApp fixed a serious vulnerability that was exploited in a series of attacks in which victims did not nee...

Mels Dees 18 hours ago
Google refutes reports of major Gmail breach

Google refutes reports of major Gmail breach

Google has attempted to clarify a wave of reports that gave the impression that Gmail had recently experience...

Mels Dees 18 hours ago

Expert Talks

The AI productivity mirage: why leaders are aiming at the wrong target

The AI productivity mirage: why leaders are aiming at the wrong target

In the never-ending quest for developer productivity gains, a new def...

Meeting future workload demands: the case for emerging memory technologies

Meeting future workload demands: the case for emerging memory technologies

It often feels as though memory is an outlier in the technology world...

How AI and automation are redefining ROI in the enterprise

Today’s data and business analysts are equipped with a wide array o...

Enhancing video encoding: The AV1 support in the new ARTPEC-9 System-on-Chip

In an era where video security and digital technologies are evolving ...

Tech calendar

NULLCON Berlin 2025

September 4, 2025 Courtyard By Marriott, Berlin City Center

bit summit

September 4, 2025 Hamburg

GITEX DIGI_HEALTH 5.0 - Thailand

September 10, 2025 BITEC Bangkok, Thailand

VeeamON Tour 2025

September 18, 2025 Driebergen-Rijsenburg

IT Arena

September 26, 2025 Lviv, Ukraine

Innovation Week 2025

October 9, 2025 Prague

Whitepapers

Experience Synology’s latest enterprise backup solution

Experience Synology’s latest enterprise backup solution

How do you ensure your company data is both secure and quickly recove...

How to choose the right Enterprise Linux platform?

How to choose the right Enterprise Linux platform?

"A Buyer's Guide to Enterprise Linux" comprehensively analyzes the mo...

Enhance your data protection strategy for 2025

The Data Protection Guide 2025 explores the essential strategies and...

Strengthen your cybersecurity with DNS best practices

The white paper "DNS Best Practices" by Infoblox presents essential g...

Techzine Global

Techzine focusses on IT professionals and business decision makers by publishing the latest IT news and background stories. The goal is to help IT professionals get acquainted with new innovative products and services, but also to offer in-depth information to help them understand products and services better.

Follow us

Twitter
LinkedIn
YouTube

© 2025 Dolphin Publications B.V.
All rights reserved.

Techzine Service

  • Become a partner
  • Advertising
  • About Us
  • Contact
  • Terms & Conditions
  • Privacy Statement