Security News > 2024 > May > Snowflake account hacks linked to Santander, Ticketmaster breaches
A threat actor claiming recent Santander and Ticketmaster breaches says they stole data after hacking into an employee's account at cloud storage company Snowflake.
Snowflake disputes these claims, saying recent breaches were caused by poorly secured customer accounts.
The threat actor claims they wanted to blackmail Snowflake into buying back the stolen data for $20 million, but the company didn't reply to their extortion attempts.
BleepingComputer was able to confirm that both Santander and Ticketmaster are using Snowflake's cloud storage services.
The cloud storage provider also warned customers on Friday that it's investigating "An increase" in attacks targeting some of their accounts, with Snowflake CISO Brad Jones adding that some customer accounts were compromised on May 23.
Jones says Snowflake notified all customers of the attacks and urged them to secure their accounts and data by enabling multi-factor authentication.
News URL
Related news
- The number of known Snowflake customer data breaches is rising (source)
- Pure Storage confirms data breach after Snowflake account hack (source)
- Lessons from the Snowflake Breaches (source)
- Los Angeles Unified confirms student data stolen in Snowflake account hack (source)
- Neiman Marcus confirms data breach after Snowflake account hack (source)