Hackers stole data center logins for Apple, Microsoft, and many more

Around 2,000 companies, including China's foreign exchange platform, that use two data centers in Asia are reportedly affected by a recent hack. The primary data centers run by GDS Holdings in Shanghai and ST Telemedia Global Data in Singapore have had their login credentials for customer support websites stolen, with at least five of these websites being accessed by hackers.

The stolen login credentials have been in the hackers' possession for over a year, but were recently offered for sale for $175,000 in January 2023. The hackers have confirmed that some of the stolen credentials work, but have been unable to handle the volume of logins, saying "But unable to handle as total number of companies is over 2,000."

As a response to the hack, the data centers have forced password changes on all of their customers at the start of the year.

The affected companies include tech giants such as Apple, Microsoft, and Amazon, as well as financial institutions such as Alibaba, Goldman Sachs, and Walmart. While many of these companies declined to comment on the situation, a spokesperson for Microsoft confirmed that they regularly monitor for threats and take appropriate action to protect their customers. Similarly, a spokesperson for Goldman Sachs confirmed that their data was not at risk and that they have additional controls to protect against such breaches.

The hack was discovered by a cybersecurity research firm, which sent an operative undercover to infiltrate the group responsible for the hack in China.