Security News > 2024 > June > The number of known Snowflake customer data breaches is rising

US-based Snowflake is a cloud data storage and analytics company with 9,800+ global customers, including Mastercard, Honeywell, Pfizer, Wolt, Adobe, and others.

Ten days ago, it was revealed that a threat actor has been stealing data from organizations that use the Snowflake cloud-based platform, and that the attacks began in April 2024.

Santander Group Live Nation Entertainment subsidiary TicketMaster LendingTree confirmed that they've been notified by Snowflake that QuoteWizard "May have had data impacted by this incident" Advance Auto Parts.

On Friday, Snowflake CISO Brad Jones reiterated their preliminary findings and said that they "Have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake's platform," nor "By compromised credentials of current or former Snowflake personnel".

"We are also developing a plan to require our customers to implement advanced security controls, like multi-factor authentication or network policies, especially for privileged Snowflake customer accounts."

The shared responsibility model makes MFA enforcement a responsibility of the customers, but it is unfortunate that the implementation of additional security controls wasn't a prerequisite from the get-go, given that companies house massive amounts of sensitive data in their Snowflake cloud environments, and given how widespread info-stealer use is.

News URL

https://www.helpnetsecurity.com/2024/06/10/snowflake-customer-data-breaches/