RedRays has made an alarming discovery through their rigorous internet data monitoring and analysis: significant breaches involving user logins and passwords of more than 110 SAP customers. These credentials are now circulating on the black market, posing a potential threat to numerous businesses.
The origin of these user credentials remains uncertain; however, there are suspicions that a large-scale phishing attack could be the source. This situation represents a serious security risk, potentially impacting business continuity and data integrity for numerous SAP customers.
Upon discovering this critical issue, RedRays promptly alerted SAP’s Security Team. We are now collaborating closely with SAP to ensure the affected SAP users receive prompt notification and that necessary steps are taken to mitigate the impact of these leaks.
Several affected companies have already confirmed the validity of the leaked login/password combinations, underscoring the severity of the issue. RedRays is steadfast in its understanding that the security and integrity of SAP systems are paramount, and we stand ready to provide all necessary information and assistance in this regard.
RedRays will continue to provide updates on any major developments. We urge all SAP users to remain vigilant.
Update 1: We believe that there is no exploited vulnerability of SAP products. We are confident that the leak is related to a large-scale phishing attack.