Hackers steal data of hundreds of millions by breaching Snowflake cloud analytics service.

Snowflake Company’s Systems Breached by Hackers

Hackers have used malicious software to penetrate the systems of Snowflake, an American cloud data analytics company. As a result, millions of personal records were stolen, mainly belonging to customers of Snowflake’s client companies. Notably, clients of Santander Bank and Ticketmaster fell victim to this cybercrime, revealing extensive and significant data breaches.

Widespread Breach Affecting Major Companies

Australian authorities raised concerns last week about confirmed cyber-attacks on several companies using Snowflake’s services. However, these companies were not named. Meanwhile, hackers announced on their forums that they had successfully stolen hundreds of millions of Santander Bank and Ticketmaster records – two of Snowflake’s largest clients. Santander confirmed the database breach, executed by an unnamed third-party provider. Furthermore, Live Nation confirmed that data belonging to its subsidiary, Ticketmaster, which was stored on Snowflake, had been stolen.

Snowflake itself acknowledged awareness of “potentially unauthorized access” to a “limited number” of customer accounts, although no specifics were given. There was no evidence of direct system breaches, according to the cloud operator. The company believes the breach targeted users with single-factor authentication, using malware designed to steal stored passwords. Despite storing sensitive client data, Snowflake lets clients handle their own security and does not impose two-factor authentication, a gap that hackers likely exploited. The company also acknowledged an intrusion into a sample account protected only by a username and password, but said the account contained no sensitive data.

Stolen Logins and Passwords Found Online

An anonymous, cybercrime-savvy source shared with TechCrunch a website publishing compromised login details. The site revealed over 500 logins and passwords providing access to Snowflake’s systems. The credentials belonged to Santander and Ticketmaster, at least two pharmaceutical giants, a fresh water supplier, a food delivery service, and other organizations. The list also contained exposed usernames and passwords possibly belonging to a former Snowflake employee.

Indirect evidence indicated that malware captured these credentials. Several company email addresses, used as usernames for accessing the Snowflake platform, were found among millions of stolen logins and passwords published on Telegram. Snowflake has suspended accounts showing signs of malicious activity, emphasizing that users are responsible for enabling multifactor authentication. The company is currently considering all options for implementing multifactor authentication, although the final plan has not been confirmed yet.

This post was last modified on 06/07/2024

Harry Males, news writer at Dave's iPAQ.