Skip to content
Techzine Europe
  • Home
  • Topstories
  • Topics
    • Analytics
    • Applications
    • Collaboration
    • Data Management
    • Devices
    • Devops
    • Infrastructure
    • Privacy & Compliance
    • Security
  • Insights
    • All Insights
    • Agentic AI
    • Analytics
    • Cloud ERP
    • Generative AI
    • IT in Retail
    • NIS2
    • RSAC 2025 Conference
    • Security Platforms
    • SentinelOne
  • More
    • Become a partner
    • About us
    • Contact us
    • Terms and conditions
    • Privacy Policy
  • Techzine Europe
  • Techzine Netherlands
Techzine News Security Hackers sell data center login credentials of large multinationals
3 min Security

Hackers sell data center login credentials of large multinationals

Sander AlmekindersFebruary 21, 2023 3:04 pmFebruary 21, 2023
Hackers sell data center login credentials of large multinationals

Cybercriminals put stolen login data from large companies up for sale in late January. The data came from a number of the companies’ Asian data centers.

This was discovered by security specialist Resecurity in an investigation ongoing since September 2021. According to the investigation, several data center providers, cloud service providers and MSPs in Asia have been affected by a sustained cyber attack. The cybercriminals, originating from China and some other Asian countries, set out to steal login credentials and other sensitive data from (large) customers.

Bloomberg writes that the affected data center providers are Shanghai-based GDS Holdings and Singapore-based ST Telemedia Global Datacenters. Companies from which login credentials and data were allegedly stolen include Alibaba, Amazon, Apple, BMW, Goldman Sachs, Huawei, Microsoft and Walmart.

Multi-year attacks

The attacks have a long evolution, Resecurity’s security experts discovered. The first malicious cyber activities were spotted in September 2021. During this first attack, the cybercriminals managed to get their hands on a list of CCTV cameras, followed by login credentials of operational employees of the data centers themselves and employees of customers operating in the data centers. In addition, they got their hands on data about services purchased and equipment deployed. In addition, they showed interest is the availability of a “remote hands service (RHS) that allows customers to remotely manage their servers in the data center and troubleshoot problems before that.

In the second wave of attacks, carried out throughout 2022, the cybercriminals again managed to steal a customer database with more than a thousand records at a Singapore data center company. This attack, however, was detected and eventually repelled.

The third and, for now, final episode of this attack occurred recently. Investigators discovered that the cybercriminals put the stolen login credentials and other data of major customers of the affected data center companies up for sale on the dark web. More specifically, this involves the RAMP platform that is mostly used by Initial Access Brokers (IABs) and ransomware criminals.

Also read: European companies plan to increase IT security budget over next three years

Impact unknown

The researchers say they cannot estimate the impact of this large-scale theft of login credentials and other data. By going public now about these attacks on the aforementioned data center providers, they hope to mitigate any impact, but also to create more awareness of this type of attack. Meanwhile, in addition to the affected companies, several CERTs of the affected countries have also been informed about the attack.

Tags:

data centers / hack / login credentials / multinational companies

"*" indicates required fields

Stay tuned, subscribe!

Nieuwsbrieven*
This field is for validation purposes and should be left unchanged.

Related

Seagate introduces 30TB hard drive for data centers and AI workloads

QTS invests €1.4 billion in Dutch data center

Arm chips in data centers: 70,000 customers, 14x growth since 2021

CoreWeave acquires Core Scientific for $9 billion in AI data center race

Editor picks

Replatforming virtualized workloads: Do your VMs need a new home?

Finding a balance for VMs and containers

Ingram Micro slowly gets back on its feet after ransomware attack

Ingram Micro is gradually reactivating customer ordering after contai...

Domain-specific AI beats general models in business applications

Visma’s AI team is quietly redefining document processing across Eu...

Microsoft offers Europe new terms after complaint about licensing

Microsoft has submitted a new proposal to the European cloud organiza...

Insight: IT in Healthcare

Children with autism treated months earlier thanks to process automation

In the United States, one in 31 children is diagnosed with autism. Th...

EU launches action plan for cybersecurity in healthcare

The European Commission proposes an EU-wide action plan to protect th...

EU proposal gives medical data to product developers

EU proposal gives medical data to product developers

Several organizations want the EU to reshape the European Health Data...

AI-powered scanner detects skin cancer at lightning speeds

AI-powered scanner detects skin cancer at lightning speeds

Healthcare under pressure, technology may offer solution

Read more on Security

Manufacturing industry still favorite target of cybercriminals

Manufacturing industry still favorite target of cybercriminals

The manufacturing industry is suffering greatly from cyberattacks. For the fourth year in a row, the sector t...

Berry Zwets 1 day ago
Fake software tools cost blockchain developer $500,000

Fake software tools cost blockchain developer $500,000

A Russian blockchain developer lost half a million dollars in cryptocurrency after installing a malicious ext...

Berry Zwets 2 days ago
An average of 131 CVE reports per day

An average of 131 CVE reports per day

The number of CVE reports will continue to rise in 2025. There is now an average of 131 per day. The KEV list...

Berry Zwets 2 days ago
KnowBe4 evolves from security training to human risk management
Top story

KnowBe4 evolves from security training to human risk management

Security awareness training has come a long way from its origins as a compliance checkbox. Today, it’s evol...

Berry Zwets July 11, 2025

Whitepapers

Experience Synology’s latest enterprise backup solution

Experience Synology’s latest enterprise backup solution

How do you ensure your company data is both secure and quickly recove...

How to choose the right Enterprise Linux platform?

How to choose the right Enterprise Linux platform?

"A Buyer's Guide to Enterprise Linux" comprehensively analyzes the mo...

Enhance your data protection strategy for 2025

The Data Protection Guide 2025 explores the essential strategies and...

Strengthen your cybersecurity with DNS best practices

The white paper "DNS Best Practices" by Infoblox presents essential g...

Tech calendar

GITEX DIGI_HEALTH 5.0 - Thailand

September 10, 2025 BITEC Bangkok, Thailand

IT Arena

September 26, 2025 Lviv, Ukraine

Innovation Week 2025

October 9, 2025 Prague

Luxembourg Venture Days

October 22, 2025 Luxembourg

Appdevcon

March 10, 2026 Amsterdam

Webdevcon

March 10, 2026 Amsterdam

Techzine Global

Techzine focusses on IT professionals and business decision makers by publishing the latest IT news and background stories. The goal is to help IT professionals get acquainted with new innovative products and services, but also to offer in-depth information to help them understand products and services better.

Follow us

Twitter
LinkedIn
YouTube

© 2025 Dolphin Publications B.V.
All rights reserved.

Techzine Service

  • Become a partner
  • Advertising
  • About Us
  • Contact
  • Terms & Conditions
  • Privacy Statement