Hackers stole Apple and 2,000 other companies’ data center logins in 2021

Hackers managed to access Apple and other large corporations’ data center logins, according to a cybersecurity firm. Furthermore, they had remote access to security cameras, and depending on their level of access, they might even have had physical access to servers.

Hackers acquired access to two third-party data center providers utilized by numerous large corporations, and from there they were able to collect data center logins for up to 2,000 additional organizations, including Apple, Amazon, BMW, Goldman Sachs, and Microsoft.

Apple data center logins

Data center logins of 2,000 major companies were maliciously obtained two years ago

Apple uses third-party data centers like Amazon Web Services in addition to having its own throughout the world. Two of the biggest data center operators in Asia, GDS Holdings and ST Telemedia Global Data Centers, are where Apple and other companies place servers. Both businesses provide colocation services, which let customers place their own servers in a facility they supply for the buildings and network equipment.

As reported by Bloomberg, hackers were able to breach both organizations’ networks, and from there they were able to obtain data center logins for the customer care systems of about 2,000 other businesses that have servers hosted there.

In an episode that underscores the vulnerability of global computer networks, hackers got ahold of login credentials for data centers in Asia used by some of the world’s biggest businesses, a potential bonanza for spying or sabotage, according to a cybersecurity research firm.

What the hackers did with the other logins, if anything, is unknown. According to the security company and hundreds of pages of documents reviewed by Bloomberg, the information included credentials in varying numbers for some of the largest corporations in the world, including Alibaba Group Holding Ltd., Amazon.com Inc., Apple Inc., BMW AG, Goldman Sachs Group Inc., Huawei Technologies Co., Microsoft Corp., and Walmart Inc.

The attack took place in 2021, but it was only recently made public. According to the research, client logins were still in use as of January of this year. By forcing password resets at that moment, both data center companies succeeded in keeping the hackers out.

An attacker physically accessing a company’s systems is the worst-case scenario because there is no telling what they could do at that point. According to the cybersecurity company Resecurity, this may have happened in this instance.

“This is a nightmare waiting to happen,” said Michael Henry, former chief information officer for Digital Realty Trust Inc., one of the biggest US data center operators, when told about the incidents by
Bloomberg. (Digital Realty Trust wasn’t affected by the incidents). The worst-case scenario for any data center operator is that attackers somehow get physical access to clients’ servers and install malicious code or additional equipment, Henry said. “If they can achieve that, they can potentially disrupt communications and commerce on a massive scale.”

The majority of the businesses that Bloomberg contacted declined to comment. Alibaba, Amazon, Huawei, and Walmart were included in this. Several attempts for comment from Apple were not answered.

Although they both acknowledged that there had been data center login breaches, both data center operators downplayed their seriousness.

Read more:

About the Author

Asma is an editor at iThinkDifferent with a strong focus on social media, Apple news, streaming services, guides, mobile gaming, app reviews, and more. When not blogging, Asma loves to play with her cat, draw, and binge on Netflix shows.