9621 Agnes Crossing, Lake Suzanneview, New Mexico Island 84604-9295.
Snowflake is facing a data breach at two major customers, but the company vehemently denies that they are the cause. Online ticketing platform Ticketmaster reported a large-scale cyber
Snowflake is facing a data breach at two major customers, but the company vehemently denies that they are the cause.
Online ticketing platform Ticketmaster reported a large-scale cyber incident last week in which hackers stole 1.3 TB of data from 560 million accounts. The database is for sale on the dark web for half a million dollars. Two weeks earlier, Spanish bank Santander announced that it had been hit by a cyberattack that affected customers and former employees in Spain, Uruguay and Chile.
At first glance, a connection between these incidents seems far-fetched, but security company HudsonRock thought it had found it. Both organizations refer to “irregularities at a third-party vendor” in their official communications. HudsonRock began to solve some puzzles and discovered that both companies are Snowflake customers.
A report said the data breaches were allegedly caused by a compromised account belonging to a Snowflake employee. This account gave the attacker(s) access to a database containing data from hundreds of customers. The Australian government agreed with this statement and warned of “increasing suspicious activity” against customers of the data cloud company.
A response from Snowflake was not long in coming. With a statement on Tuesday, Snowflake cleared its innocence. An internal investigation was carried out, which, according to the company, found that there was no evidence of an unclosed leak, stolen credentials or other causes that could have caused a breach. The statement was co-signed by CrowdStrike and Mandiant: not the least names in the world of cybersecurity.
Snowflake is not saying nothing happened. If the data was indeed stolen from the data cloud, it could have been the result of single-factor account security on the customer side, the statement said. The company encourages all customers to use MFA. Snowflake also admits that credentials may have been stolen from an internal “demo account,” but that account does not have access to valuable data.
It remains unclear exactly how the fork fits into the stem. HudsonRock also pulled back its tail and deleted the original report, saying it was due to legal pressure from Snowflake. In any case, the timing couldn’t be worse for Snowflake: The company is holding its annual conference in San Francisco this week. The company has already unveiled more Nvidia features and the Polaris catalog.
Source: IT Daily
As an experienced journalist and author, Mary has been reporting on the latest news and trends for over 5 years. With a passion for uncovering the stories behind the headlines, Mary has earned a reputation as a trusted voice in the world of journalism. Her writing style is insightful, engaging and thought-provoking, as she takes a deep dive into the most pressing issues of our time.
