Google-owned Mandiant, who have been working on this case since April, were the first to discover stolen data from a Snowflake environment that belonged to an unnamed organisation. They are currently still investigating the breach and have notified 165 organisations that they believe to have been affected, although the attack is ongoing, so this number continues to grow.
The data breaches affected many notable organisations. 560 million records were stolen from Ticketmaster, 30 million from Santander, 380 million customer details from Advance Auto Parts, and the data of 190 million customers from Lending Tree/Quote Wizard.
Data storage platform Pure Storage, whose customer base includes high-profile companies such as Meta, Ford, JP Morgan and NASA, also experienced a data breach, with the attackers gaining access to telemetry information and customer names, usernames and email addresses.
It is believed the attack is financially motivated, with customers’ details appearing for sale on black market sites, and the attackers themselves trying to extort victims into buying their information back. A cybercriminal going by the username ‘Sp1d3r’ posted on hacking forum BreachForums that 2TB of alleged LendingTree and Quote Wizard data was for sale at $2 million, and 3TB of Advance Auto Parts for $1.5 million.
Snowflake claims the data breach was the result of a successful credential stuffing attack, in which hackers’ ‘stuff’ the platform with countless login details that have been obtained elsewhere, usually the black market, until one works. Brad Jones, chief information officer at Snowflake, mentioned in a blog post on Snowflake forums that it is believed the login details have been bought through information stealing malware designed to pull usernames and passwords from compromised devices.
Snowflake’s data breach reminds us of the importance of protecting data, and how easy hackers can access information if the right security measures are not in place. There is no security measure that is too small, and it is always better to take extra precautions when preventing your data on both internal and external systems.
It is important to remember that just because data is stored in the cloud, that does not mean it is secure and safe.
What do we recommend to keep your data secure?
Talk through your IT needs with one of our friendly technicians – no commitment, no cost!
Complete our contact form and one of our experts will be in touch, or call our team on 01332 374444.
Array ( )