Cloud AI Data platform Snowflake are having a bad month, due to teenage threat actors and the cybersecurity of its own customers… and its own cybersecurity, too, in terms of optics.
There are several large data breaches playing out in the media currently. For example, Ticketmaster owner Live Nation filed an 8-K with the SEC for potentially the largest data breach ever, claimed to be 560 million customers.
They finger Snowflake as part of the data breach:
Additionally, incidents are running at multiple other companies who are Snowflake customers where full databases have been taken — I have spoken to people in multiple industries at large corporations where they’ve had significant data exfiltration in May via Snowflake.
The Australian security services have issued an advisory:
They say they are “aware of successful compromises of several companies utilising Snowflake environments”.
Snowflake themselves have put out Indicators of Compromise for “threat activity” over the weekend, saying to look for connections into their platform from the user agent “rapeflake”:
Additionally, a threat actor claims they gained access to Snowflake itself and their customers using infostealers:
In that blog, HudsonRock show stolen credentials of a former Snowflake staff member.
The threat actor makes various claims which sound questionable… but, well, Snowflake have confirmed some of it is true while crowing to the media and customers the blog isn’t true. It is Schrödi
[…]