Threat Advisory

Snowflake Customers Hit With ‘Significant’ Data Theft In Attacks: Mandiant

June 12, 2024 | By Accorian

Description

Mandiant researchers have identified a recent breach of the Snowflake Cloud Data Platform by the Uncategorized Threat Actor Group (UNC5537) that could potentially expose approximately 165 organizations. The data theft, which occurred in mid-April 2024, appears to have exploited Snowflake’s stolen customer credentials obtained through infostealer malware campaigns on non-Snowflake systems.

Impact

The absence of multi-factor authentication (MFA) on the affected accounts facilitated the breach. Notable organizations affected include Ticketmaster, Santander Bank, and Advance Auto Parts. Over 100 customers were confirmed as impacted.

Remediation

● Add an extra layer of security by enabling MFA for all accounts.

● Strengthen Password Policies by implementing long, complex passwords and changing them regularly.

● Regularly audit and monitor accounts for suspicious activity.

● Enforce secure configurations and keep systems updated with patches.

● Conduct frequent security assessments and penetration testing.

Source: https://www.crn.com/news/security/2024/snowflake-customers-hit-with-significant-data-theft-in-attacks-mandiant?itc=refresh

Contact us to schedule a scan and discuss your specific security needs.

For any further assistance, kindly reach out to us at info@accorian.com

Recent Post

Ready to Start?

Ready to Start?​


Drop your CVs to joinourteam@accorian.com

Interested Position

Download Case study

Download SOC2 Guide