Snowflake cloud customers warned against data theft and extortion attacks

Snowflake, a data-as-a-service firm headquartered in Montana, USA, has recently garnered attention in Google News for unsettling reasons. A threat actor known as UNC5537 claims to have compromised the servers of Snowflake’s AI-driven Data Cloud after obtaining credentials from an employee. This breach raises concerns about potential data theft and the looming threat of ransomware-based cyberattacks in the near future.

Responding to the attack, the Australian Cyber Security Centre (ACSC) has advised Australian organizations to deactivate inactive accounts and closely monitor active accounts to prevent unauthorized access.

Contrary to media speculation, Snowflake has denied any connection between the recent data breach and previous incidents involving Ticketmaster and Santander Bank. The breach allegedly exposed the personal details of over 600,000 customers, including names, email addresses, contact numbers, physical addresses, bank transaction records, and card payment information.

According to Snowflake’s report, the data leak was not a result of human error or failure to address vulnerabilities. Nevertheless, the company is implementing comprehensive security measures to mitigate risks and prevent similar incidents in the future.

The rise in cyber threats targeting cloud-based businesses underscores the importance of proactive security measures. Threat actors are motivated by financial gains and employ tactics such as data theft and ransom demands, creating a significant risk for organizations. Additionally, the possibility of double extortion attacks further amplifies the urgency for robust security protocols.

In light of these challenges, it is imperative for firms to prioritize proactive security measures to mitigate risks before they escalate further.

Pure Storage is the first company to announce a data breach after Snowflake was hit by a cyber attack, followed by Bank of America.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
