Security News > 2024 > June > Mandiant Report: Snowflake Users Targeted for Data Theft and Extortion

Mandiant Report: Snowflake Users Targeted for Data Theft and Extortion
2024-06-12 19:34

A new report from Mandiant, part of Google Cloud, reveals that a financially motivated threat actor named UNC5537 collected and exfiltrated data from about 165 organizations' Snowflake customer instances.

Snowflake is a cloud data platform used for storing and analyzing large volumes of data.

How were some Snowflake users targeted for this data theft and extortion?

The threat actor then gained access to the affected accounts, which allowed the exfiltration of a significant volume of customer data from the respective Snowflake customer instances.

Must-read security coverage What was the initial access and data exfiltration methods in this Snowflake attack?

The attack campaign appears to be a targeted campaign aimed at Snowflake users with single-factor authentication.


News URL

https://www.techrepublic.com/article/snowflake-data-theft-extortion/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Snowflake 6 0 5 8 0 13