Over the past 18 months, there have been reports of cyberattacks against numerous data centers in various parts of the world, which have led to the leakage of information about some of the biggest corporations in the world and the publication of access privileges on the dark web.
Resecurity discovered several actors on the dark web, some of whom may have come from Asia, who were able to access customer records and exfiltrate them from one or more databases linked to particular apps and systems utilized by various data center firms during the campaign.
Initial access in at least one of the situations was probably obtained through a weak helpdesk or ticket management module which was connected with other programs and systems, allowing the threat actor to move laterally.
According to Resecurity, the threat actor was able to harvest credentials for data center IT personnel and clients, as well as a list of CCTV cameras and their corresponding video stream identifiers used to monitor data center settings.
Bloomberg said that two of the victim companies are GDS Holdings, based in Shanghai, and ST Telemedia Global Data Centres, based in Singapore. Resecurity did not identify the data center operators that were mentioned in the attack.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: