Login credentials for around 2,000 corporations that use two data centers in Asia, including tech giants Apple and Microsoft and China's foreign exchange platform, have been discovered for sale on the dark web.
A cybersecurity company found evidence of the breach and sent an undercover agent to China to investigate the organization responsible for it.
Login Credentials 'For Sale'
According to 9to5Mac, cybersecurity firm Resecurity has disclosed that unauthorized individuals have gained access to Apple and other large corporations' data centers. They had remote access to security cameras and possibly even physical access to servers.
It has been revealed that two major data centers, one managed by GDS Holdings in Shanghai and the other by ST Telemedia Global Data Centres (STT GDC) in Singapore, had been compromised. As reported by AppleInsider, at least five customer service websites have been accessed using stolen passwords.
The perpetrators of the attack apparently had access to the credentials for nearly a year before offering them for sale last month for $175,000. People reportedly were still logging in with their original credentials as recently as January of this year. Each data center then initiated a password reset, thus preventing further intrusion.
Still, the hackers claimed to have verified that some of the passwords worked but said they had been unable to process all of them due to the huge number of login attempts.
The hackers allegedly wrote in a post, "I used some targets. But unable to handle as [the] total number of companies is over 2,000."
Breach Assessment
In Bloomberg's report, Resecurity CEO Gene Yoo said that the instances were discovered in 2021 when one of his investigators infiltrated a Chinese hacking gang that had targeted government sites in Taiwan.
Resecurity quickly notified its affected customers, which included GDS, STT GDC, and a select few others.
In January, when a further investigation revealed that hackers were gaining access to accounts, Resecurity contacted GDS and STT GDC and also notified authorities in China and Singapore.
Comments From Tech Firms
There has been no disclosure of the specific businesses that were hacked. Nevertheless, the full list includes major players like Apple, Microsoft, Amazon, Alibaba, Goldman Sachs, BMW, and Walmart.
A Microsoft representative told Bloomberg that they routinely monitor for threats that could harm the company. They added that when possible risks are detected, immediate measures are taken to defend the firm and its customers.
A Goldman Sachs representative assured people they have extra measures in place to safeguard against this sort of incident. Apparently, the company is confident that its data was not in danger.
A small number of companies have reported no damage to their operations and no evidence that consumer data was accessed. In a statement, BMW called the effects of the attack on its business extremely limited.
Meanwhile, Apple refused to comment.