Hackers made off with limited data from Pure Storage. They managed to penetrate the flash specialist’s Snowflake environment.

Criminals have stolen data from flash expert Pure Storage. The company is quick to point out that no data was stolen from customers’ storage systems. The hackers managed to break into a Pure Storage data analysis workspace within Snowflake. According to the company, this also included telemetry data that Pure Storage uses to work on its customer support.

While Pure Storage customers’ own data is secure, their customers’ data is not. Information such as company names, email addresses, LDAP usernames, and the version of Purity software in use is available.

Pure Storage said it took immediate action to stop malicious access. There is no indication of any further impact to the company’s systems. Pure Storage is not revealing what exactly went wrong.

Registered criminal

However, there is a good chance that Pure Storage is one of the victims of a current attack campaign targeting poorly secured Snowflake accounts. Security firm Mandiant, together with the data cloud provider, determined that around 165 Snowflake accounts have already been breached by hackers.

Although “cracked” is a big word, in fact, in all known cases, attackers were able to simply log into an organization’s Snowflake account using stolen credentials that, in most cases, had already been circulating on the internet for several years. Due to the lack of additional security measures such as MFA, criminals managed to steal corporate data using this information alone.

Pure Storage has not commented on whether the company is also a victim of the same campaign, although this seems likely given the situation and timing.