Corporations are Losing Login Credentials at an Alarming Rate, Says Flare
Table of Contents
- By Steven
- Aug 01, 2023
Major businesses from around the world are losing valuable login credentials at a rapid rate. Huge corporations are going through applications with platforms like Hubspot, Salesforce, AWS, Google Cloud Platform, DocuSign, and so many others, and during the process, they are losing valuable login credentials. Huge numbers of businesses are being compromised by hackers looking at these many different services, and it's becoming a very real problem that most companies aren't talking about today.
How Did the Attack Occur?
Hackers are looking at email clients, ISP information, software applications, communications with other individuals, and more to detect login credentials for data-storing platforms. Once the hackers get access to a single set of credentials for an individual, they test the data in as many other services as they can to hopefully get lucky and unlock access to multiple services at once.
What Information Was Viewed or Stolen?
Usernames and passwords were the most common data figures to be stolen in all these different corporate attacks, but so much more was also lost. ChatGPT data logs contain a variety of potentially harmful bits of data for companies, and they store data by default, making them prime targets for gathering additional information. It's also important to note that all the login credentials will be used to gain access to additional programs filled with more confidential data that will also be stolen. These attacks are self-feeding cycles that can lead to massive data losses for any of the many companies involved.
How Did the Companies Admit to the Breach?
Flare created a breakdown of all the lost credentials for these major companies by sorting through Stealer Logs. While looking through the huge cluster of data, it was stunning to see 179,000 AWS Console credentials, 2,300 Google Cloud, 15,500 QuickBooks, 64,500 Docusign, and so many others. Most cloud-based software solutions used in business today are being mined for information readily. These attacks are ideal for hackers because they rely on having authentic credentials. With the right user credentials, it's easy to access confidential data without being flagged by a corporate security system, and this is one of the main ways hackers are getting away with confidential business and personal data.
What Will Become of the Stolen Information?
The stolen data will be given away, used for phishing attacks, leveraged to obtain ransoms, sold to corporate enemies, and much more. This harmful information can potentially hurt companies worldwide, and it's constantly being lost. It's impossible to say how any one piece of data will be used, but the collective stolen data will cause significant problems for major businesses in the United States and in other countries throughout the world.
What Should Affected Parties Do in the Aftermath of the Breach?
Corporations need to tighten their security protocols. They need to find a way to stop their virtual employees from unknowingly giving away login credentials, and they need to start monitoring their data more carefully than ever before. Without making some significant changes, vast pools of data will continue being stolen, and corporations will lose more money as a result.