Stolen Login Details Impacted Over 2,000 Businesses

by | Mar 31, 2023

As cyberattacks become increasingly bold, hackers targeted two major data center operators, leading to stolen login details for over 2,000 businesses. That included notable companies such as Amazon, Apple, Microsoft, Walmart, BMW, and Huawei. Larger scale data centers are a valuable target as they act as a center point for specific business functions and logins across many industries. That risk can extend to other service providers storing similarly valuable data.

Threat warnings were sent as early as September 2021, allowing impacted organizations to make changes. From there, additional activity was tracked, with correlating data, over the next two years. Concerningly, login details that matched what was stolen showed up online for sale on February 20, 2023. The scale of the attack and the inclusion of many Fortune 500 corporations means most have acted already. Yet, this was just one of many recent incidents as hackers continue to develop new strategies for stealing data.

What Login Details Were Hackers Targeting?

Based on the observed activity of the hackers, they focused on higher-value targets that could be used to access critical systems and information. That includes:

  • Email accounts for IT staff and customers.
  • Customer service, helpdesk, ticketing, and client support systems.
  • Devices that can be accessed remotely, such as CCTV equipment.
  • Remote access, monitoring, and other technology management systems.

There may have been other lower-priority targets, but the attack was directed at vulnerabilities that offered the most gain.

Why This Attack Was Notable

Rather than targeting businesses more directly, this attack was notable because it aimed at the data center operators. Doing so bypassed a lot of the company’s direct safeguards and gave the hackers access through stolen login details. Additionally, the value of the data is also a concern, as it included accounts for IT staff and customers, along with the systems that supported them. Vulnerable accounts can be used as a stepping stone to attack other areas of a business.

The Importance of Password Security

Password security is a topic that frequently comes up with our clients. Regardless of how good of an IT security team your business has, weak passwords are a common source of getting hacked. The shorter and easier it is to remember, the simpler for a hacker to crack through brute force. Additionally, if a password is stolen in a data center breach like this, reused old passwords could be used to access other accounts.

What Can Businesses Due to Avoid Stolen Login Details?

Enabling two-factor authentication (2FA) is one of a business’s most effective first steps. That involves getting a secondary passcode, usually via text or email, any time you log into an account after you use your regular login information. Even with stolen login details, using 2FA means hackers don’t have enough information to access the account fully. Passcodes are hard to forcefully bypass because too many incorrect guesses will lead to the activity getting discovered.

Using a managed security service provider (MSSP), like ITonDemand, will not only help set up 2FA for accounts but can also implement full-featured protection for businesses. Proactive IT solutions and 24/7 threat tracking can prevent hack attempts even if a third-party data center is breached.

Get IT Support