Snowflake data breach highlights importance of multi-step security in the cloud

Published: 22 June 2024
Published: 22 June 2024

Cyber security is the backbone of IT systems in the modern age and it is vital when protecting yourself and your business from cybercriminals. Storing data in the cloud has its risks, as cloud-based data storage giant Snowflake found out at the end of May when their systems breach became one of the biggest data breaches in the UK. Our IT experts explain what happened and how you can prevent a similar catastrophe from happening at your company. 

Snowflake data breach explained 

Google-owned Mandiant, who have been working on this case since April, were the first to discover stolen data from a Snowflake environment that belonged to an unnamed organisation. They are currently still investigating the breach and have notified 165 organisations that they believe to have been affected, although the attack is ongoing, so this number continues to grow. 

The data breaches affected many notable organisations. 560 million records were stolen from Ticketmaster, 30 million from Santander, 380 million customer details from Advance Auto Parts, and the data of 190 million customers from Lending Tree/Quote Wizard.  

Data storage platform Pure Storage, whose customer base includes high-profile companies such as Meta, Ford, JP Morgan and NASA, also experienced a data breach, with the attackers gaining access to telemetry information and customer names, usernames and email addresses.  

Selling data for profit 

It is believed the attack is financially motivated, with customers’ details appearing for sale on black market sites, and the attackers themselves trying to extort victims into buying their information back. A cybercriminal going by the username ‘Sp1d3r’ posted on hacking forum BreachForums that 2TB of alleged LendingTree and Quote Wizard data was for sale at $2 million, and 3TB of Advance Auto Parts for $1.5 million. 

Snowflake claims the data breach was the result of a successful credential stuffing attack, in which hackers’ ‘stuff’ the platform with countless login details that have been obtained elsewhere, usually the black market, until one works. Brad Jones, chief information officer at Snowflake, mentioned in a blog post on Snowflake forums that it is believed the login details have been bought through information stealing malware designed to pull usernames and passwords from compromised devices. 

What can we learn from the Snowflake data breach? 

Snowflake’s data breach reminds us of the importance of protecting data, and how easy hackers can access information if the right security measures are not in place. There is no security measure that is too small, and it is always better to take extra precautions when preventing your data on both internal and external systems.  

It is important to remember that just because data is stored in the cloud, that does not mean it is secure and safe.  

 What do we recommend to keep your data secure? 

  • Two-step/multi-factor authentication – Adding one more step to the login process doesn’t sound like it would make much of a difference, but that one added level of security is enough to keep your details secure. Examples of multi-factor authentication (MFA) include one-time codes via text, facial/retina recognition, voice recognition, fingerprint scanning and authenticator apps. 
  • Regular cyber security audits – To keep your security needs up to date, we offer comprehensive cyber security audits of your entire IT infrastructure, to ensure any possibility of a breach is prevented. 
  • Cyber security education – The leading cause of data breaches is simply human error. Teaching and training your staff on the basics and fundamentals of cyber security through cyber security training is an essential step towards preventing your business from targeted cybercrime. 

 

Whether it is for your business or just for yourself, Infuse Technology offers a variety of cyber security services that can give you the heavy duty protection needed to keep your systems safe from online criminals. Get in touch today to find out what we can do to protect you from cybercrime. 

Request your free consultation call today

Talk through your IT needs with one of our friendly technicians – no commitment, no cost!

Complete our contact form and one of our experts will be in touch, or call our team on 01332 374444.

Filter by:

Array
(
)
Search
1 2 3 57
© Infuse Technology 2024