Description
Mandiant researchers have identified a recent breach of the Snowflake Cloud Data Platform by the Uncategorized Threat Actor Group (UNC5537) that could potentially expose approximately 165 organizations. The data theft, which occurred in mid-April 2024, appears to have relied on stolen Snowflake customer credentials obtained through infostealer malware campaigns on non-Snowflake systems.
Impact
The absence of multi-factor authentication (MFA) on the affected accounts facilitated the breach. Notable organizations affected include Ticketmaster, Santander Bank, and Advance Auto Parts. Over 100 customers were confirmed as impacted.
Remediation
● Add an extra layer of security by enabling MFA for all accounts.
● Strengthen password policies by requiring long, complex passwords and changing them regularly.
● Regularly audit and monitor accounts for suspicious activity.
● Enforce secure configurations and keep systems updated with patches.
● Conduct frequent security assessments and penetration testing.
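As a way to act on the MFA and account-monitoring items above, the following added example (not part of the original advisory or any vendor tooling) scans an exported login log for successful password logins that had no second factor, and lists source IPs not seen for that user during a baseline period. The column names follow Snowflake's LOGIN_HISTORY view; the sample rows, the CSV export format and the function name `audit_logins` are assumptions made for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample rows (not real data); column names follow Snowflake's
# LOGIN_HISTORY view, factor values here are illustrative.
SAMPLE_CSV = """EVENT_TIMESTAMP,USER_NAME,CLIENT_IP,FIRST_AUTHENTICATION_FACTOR,SECOND_AUTHENTICATION_FACTOR,IS_SUCCESS
2024-04-02T09:00:00,ALICE,198.51.100.10,PASSWORD,DUO_PASSCODE,YES
2024-04-03T09:05:00,BOB,198.51.100.20,PASSWORD,,YES
2024-04-14T02:11:00,BOB,203.0.113.77,PASSWORD,,YES
2024-04-14T02:15:00,CAROL,203.0.113.77,PASSWORD,,NO
2024-04-15T08:30:00,SVC_ETL,198.51.100.30,RSA_KEYPAIR,,YES
"""

def audit_logins(csv_text, baseline_end):
    """Return {user: {"password_only_logins": n, "new_ips": [...]}} for
    successful password logins that had no second factor.

    IPs seen for a user on or before baseline_end (ISO timestamp) count as
    known; later password-only logins from other IPs are listed as new.
    """
    known_ips = defaultdict(set)
    findings = {}
    rows = sorted(csv.DictReader(io.StringIO(csv_text)),
                  key=lambda r: r["EVENT_TIMESTAMP"])
    for row in rows:
        if row["IS_SUCCESS"] != "YES":
            continue  # failed attempts are out of scope for this check
        user, ip = row["USER_NAME"], row["CLIENT_IP"]
        in_baseline = row["EVENT_TIMESTAMP"] <= baseline_end
        password_only = (row["FIRST_AUTHENTICATION_FACTOR"] == "PASSWORD"
                         and not row["SECOND_AUTHENTICATION_FACTOR"])
        if password_only:
            entry = findings.setdefault(
                user, {"password_only_logins": 0, "new_ips": []})
            entry["password_only_logins"] += 1
            if (not in_baseline and ip not in known_ips[user]
                    and ip not in entry["new_ips"]):
                entry["new_ips"].append(ip)
        if in_baseline:
            known_ips[user].add(ip)
    return findings

if __name__ == "__main__":
    for user, info in audit_logins(SAMPLE_CSV, "2024-04-10T00:00:00").items():
        print(user, info)
```

Accounts that appear in the result are candidates for MFA enrollment, and any entry with a non-empty `new_ips` list is worth reviewing first.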