Feb 22, 2023 13:15:00

Discovered that Amazon, Apple, Microsoft, etc. are facing a crisis of physical intrusion into the data center due to leakage of credentials

A survey by security firm Resecurity has revealed that hackers have obtained login information for data centers in Asia used by some of the world's largest companies, allowing them to steal customer data.

Cyber Attacks on Data Center Organizations

https://www.resecurity.com/blog/article/cyber-attacks-on-data-center-organizations

Hackers Scored Corporate Giants' Logins for Asian Data Centers - Bloomberg
https://www.bloomberg.com/news/features/2023-02-21/hackers-scored-corporate-giants-logins-for-asian-data-centers?leadSource=uverify%20wall

According to Resecurity, among the data leaked were emails and passwords for the customer support websites of two companies: Shanghai-based GDS Holdings and Singapore-based ST Telemedia Global Data Centers (STT GDC). About. The email address and password could have allowed the hackers to impersonate legitimate users on the customer support website, and evidence was also found that they were in fact used to access accounts of GDS and STT GDC customers. that's right.

Approximately 2,000 GDS and STT GDC customers were reportedly affected by the data breach, with hackers logging into at least five accounts, including a major forex and fixed income trading platform in China and four platforms in India. has been confirmed.

Bloomberg pointed out that affected companies include the world's largest companies such as Amazon, Apple, BMW and Huawei.

In response to a question about Resecurity's findings, GDS said in a statement that 'a customer support website was compromised in 2021.' On the other hand, STT GDC said, ``We found no evidence that the customer service portal was compromised,'' and both companies claimed that the unauthorized credentials did not pose a risk to customers' IT systems or data.

But executives at Resecurity and the major US companies affected said stolen credentials pose serious risks. The reason is that the customer support website maintains information about who has physical access to the IT equipment housed in the data center.

'The worst-case scenario for a data center operator is that an attacker somehow manages to physically access a customer's server,' said Michael Henry, former chief information officer of Digital Realty Trust, one of the largest data center operators. access and install malicious code or additional devices.' If that happens, he warned that it could disrupt large-scale communications and operations.

GDS and STT GDC stressed that there was no indication that anything like Henry described had happened and core services were not affected. Both companies have already implemented password resets and internal investigations.