Skip to content
Techzine Europe
  • Home
  • Topstories
  • Topics
    • Analytics
    • Applications
    • Collaboration
    • Data Management
    • Devices
    • Devops
    • Infrastructure
    • Privacy & Compliance
    • Security
  • Insights
    • All Insights
    • Agentic AI
    • Analytics
    • Cloud ERP
    • Generative AI
    • IT in Retail
    • NIS2
    • RSAC 2025 Conference
    • Security Platforms
    • SentinelOne
  • More
    • Become a partner
    • About us
    • Contact us
    • Terms and conditions
    • Privacy Policy
  • Techzine Europe
  • Techzine Netherlands
Techzine News Security Hackers sell data center login credentials of large multinationals
3 min Security

Hackers sell data center login credentials of large multinationals

Sander AlmekindersFebruary 21, 2023 3:04 pmFebruary 21, 2023
Hackers sell data center login credentials of large multinationals

Cybercriminals put stolen login data from large companies up for sale in late January. The data came from a number of the companies’ Asian data centers.

This was discovered by security specialist Resecurity in an investigation ongoing since September 2021. According to the investigation, several data center providers, cloud service providers and MSPs in Asia have been affected by a sustained cyber attack. The cybercriminals, originating from China and some other Asian countries, set out to steal login credentials and other sensitive data from (large) customers.

Bloomberg writes that the affected data center providers are Shanghai-based GDS Holdings and Singapore-based ST Telemedia Global Datacenters. Companies from which login credentials and data were allegedly stolen include Alibaba, Amazon, Apple, BMW, Goldman Sachs, Huawei, Microsoft and Walmart.

Multi-year attacks

The attacks have a long evolution, Resecurity’s security experts discovered. The first malicious cyber activities were spotted in September 2021. During this first attack, the cybercriminals managed to get their hands on a list of CCTV cameras, followed by login credentials of operational employees of the data centers themselves and employees of customers operating in the data centers. In addition, they got their hands on data about services purchased and equipment deployed. In addition, they showed interest is the availability of a “remote hands service (RHS) that allows customers to remotely manage their servers in the data center and troubleshoot problems before that.

In the second wave of attacks, carried out throughout 2022, the cybercriminals again managed to steal a customer database with more than a thousand records at a Singapore data center company. This attack, however, was detected and eventually repelled.

The third and, for now, final episode of this attack occurred recently. Investigators discovered that the cybercriminals put the stolen login credentials and other data of major customers of the affected data center companies up for sale on the dark web. More specifically, this involves the RAMP platform that is mostly used by Initial Access Brokers (IABs) and ransomware criminals.

Also read: European companies plan to increase IT security budget over next three years

Impact unknown

The researchers say they cannot estimate the impact of this large-scale theft of login credentials and other data. By going public now about these attacks on the aforementioned data center providers, they hope to mitigate any impact, but also to create more awareness of this type of attack. Meanwhile, in addition to the affected companies, several CERTs of the affected countries have also been informed about the attack.

Tags:

data centers / hack / login credentials / multinational companies

"*" indicates required fields

Stay tuned, subscribe!

Nieuwsbrieven*
This field is for validation purposes and should be left unchanged.

Related

Arm chips in data centers: 70,000 customers, 14x growth since 2021

CoreWeave acquires Core Scientific for $9 billion in AI data center race

Cloud sector wants EU not to restrict water supply to data centers

Data breach involving 16 billion credentials is not what it seems

Editor picks

Ingram Micro slowly gets back on its feet after ransomware attack

Ingram Micro is gradually reactivating customer ordering after contai...

Domain-specific AI beats general models in business applications

Visma’s AI team is quietly redefining document processing across Eu...

Docker Compose aims to make AI agent creation a breeze

Docker has expanded its Compose tool to support AI agent architecture...

Is English the next programming language? JetBrains’ CEO says no

AI evangelists like Nvidia's Jensen Huang proclaim that English will ...

Insight: Security Platforms

The state of cloud security

From hot topic to mature discipline

Thales covers data security entirety thanks to Imperva

A year and a half after Thales acquired data and application security...

APIs are indispensable, but also pose a security risk

APIs are indispensable, but also pose a security risk

APIs are everywhere these days. You can hardly have a conversation ab...

What are the current cyber security threats? An overview

What are the current cyber security threats? An overview

Cybersecurity is in a state of constant change. The attack surfaces o...

Read more on Security

Ingram Micro slowly gets back on its feet after ransomware attack

Ingram Micro slowly gets back on its feet after ransomware attack

Ingram Micro is gradually reactivating customer ordering after containing its ransomware attack. The IT distr...

Erik van Klinken 2 days ago
Patch Tuesday: Microsoft closes 137 vulnerabilities, no zero-days

Patch Tuesday: Microsoft closes 137 vulnerabilities, no zero-days

During the monthly Patch Tuesday in July 2025, Microsoft released security updates for a total of 137 vulnera...

Mels Dees 2 days ago
Open-source malware surges 188 percent, targeting developers

Open-source malware surges 188 percent, targeting developers

Sonatype discovered 16,279 malicious open-source packages in Q2 2025, marking a 188 percent increase from the...

Erik van Klinken 2 days ago
Zscaler Cellular brings Zero Trust to IoT and OT devices
Top story

Zscaler Cellular brings Zero Trust to IoT and OT devices

In August, Zscaler will launch a cellular solution that brings Zero Trust security to IoT and OT devices. Wit...

Berry Zwets 3 days ago

Whitepapers

Experience Synology’s latest enterprise backup solution

Experience Synology’s latest enterprise backup solution

How do you ensure your company data is both secure and quickly recove...

How to choose the right Enterprise Linux platform?

How to choose the right Enterprise Linux platform?

"A Buyer's Guide to Enterprise Linux" comprehensively analyzes the mo...

Enhance your data protection strategy for 2025

The Data Protection Guide 2025 explores the essential strategies and...

Strengthen your cybersecurity with DNS best practices

The white paper "DNS Best Practices" by Infoblox presents essential g...

Tech calendar

Krijg Volledig Inzicht van Gebruiker tot Cloud met Cisco ThousandEyes

July 15, 2025

GITEX DIGI_HEALTH 5.0 - Thailand

September 10, 2025 BITEC Bangkok, Thailand

IT Arena

September 26, 2025 Lviv, Ukraine

Innovation Week 2025

October 9, 2025 Prague

Luxembourg Venture Days

October 22, 2025 Luxembourg

Appdevcon

March 10, 2026 Amsterdam

Techzine Global

Techzine focusses on IT professionals and business decision makers by publishing the latest IT news and background stories. The goal is to help IT professionals get acquainted with new innovative products and services, but also to offer in-depth information to help them understand products and services better.

Follow us

Twitter
LinkedIn
YouTube

© 2025 Dolphin Publications B.V.
All rights reserved.

Techzine Service

  • Become a partner
  • Advertising
  • About Us
  • Contact
  • Terms & Conditions
  • Privacy Statement