Hackers are selling login passwords to 2,000 enterprises in China and the country's foreign exchange exchange platform, which operates two data centers in Asia.
The stolen login credentials are linked to customer support websites, including China's main foreign exchange and debt trading platform and four others from India, according to Bloomberg.
While the hackers who exposed the data breach had it for a year, they didn't want to sell them until January 2023, for the low price of $175,000.
The hackers claim to have verified that certain credentials are working, but have yet to prove that all of them were.
"I used some targets," the hackers are said to have said. "But I'm unable to deal with the magnitude of the company."
Alibaba Group Holding Ltd., Amazon.com Inc., BMW AG, Goldman Sachs Group Inc., Huawei Technologies Co., Microsoft Corp., and Walmart Inc.
Bloomberg reports that many businesses have declined to provide feedback, and Apple has also failed to respond to comment requests.
Microsoft's spokeswoman said, "We regularly monitor for threats that might impact Microsoft, and when threats arise, we take appropriate measures to protect Microsoft and our customers."
Goldman Sachs' spokesperson has also responded, saying, "We have in place additional safeguards to safeguard against this kind of breach, and we're confident that our data was not at risk."
Resecurity, a cybersecurity research firm, discovered the breach.