Hackers Breach Data Center Logins for Apple, Microsoft, and Other Major Companies
Cyber security researchers revealed earlier this month that hackers had obtained data center logins for some of the world’s largest technology companies. Apparently, attackers breached two third-party data center companies and thus were able to steal customer support logins for as many as 2,000 companies, including Apple, Microsoft, Amazon, and many others. Though the attack happened two years ago, back in 2021, it has been revealed now, and the compromised logins were still being used as of January this year.
In Asia, the affected companies host servers on two of the largest data center operators, GDS Holdings and ST Telemedia Global Data Centers. Both companies offer so-called colocation services, providing the building and the network infrastructure so the client companies can install their own servers. Following the announced breach, both data center companies forced password resets and managed to eventually lock out the hackers.
According to the researchers, the malicious actors have also had remote access to surveillance cameras, which could have allowed them even physical access to servers. Moreover, the issue surfaced in January this year, as the attackers offered the credentials for sale on the dark web for $175,000, saying they were overwhelmed by the vast amount of logins. Yet, they still managed to confirm that some of them actually work. A cyber security firm claims the hackers have logged into the accounts of at least five clients of the data centers, including the leading foreign exchange and debt trading platform in China.
Global Computer Networks Prove Again Vulnerable
The purpose and the consequences of the unauthorized access remain unknown as of today. Yet, the news highlights again the potential vulnerabilities of even the most secure systems and the need for constant vigilance in maintaining cybersecurity. Apple declined any comment on the issue, while some of the other companies said they do not believe their customer data has been accessed and the attack has had only a “limited impact.”
It is essential for companies to take all necessary measures to protect their data and systems from cyber-attacks. This includes implementing strong password policies, using multi-factor authentication, regularly monitoring and analyzing system logs, and performing regular vulnerability assessments and penetration testing.
In addition to these technical measures, educating employees about the risks of cyber attacks and how to prevent them is also important. This includes training on how to identify and avoid phishing scams, not sharing login credentials, and reporting suspicious activity to the appropriate authorities.
Furthermore, companies should have a comprehensive incident response plan in place to quickly and effectively respond to any cyber attacks or breaches. This plan should include steps for containing the attack, investigating the cause, notifying affected parties, and restoring systems to normal operation.
Overall, cybersecurity is an ongoing process that requires constant attention and proactive measures to stay ahead of evolving threats. Companies must prioritize cybersecurity and invest in the necessary resources to protect their sensitive data and systems from cyber criminals.