Scroll Top

Snowflake Cloud Security Breach Customer List Grows in to MOAB

Snowflake MOAB Explosion Large Image 8March2024

Ticketmaster Data Breach Potentially Succeeded due to Compromised Employee Credentials of Data Cloud Provider Snowflake

The Snowflake breach is raising concerns about the security of cloud storage providers. 560 million Ticketmaster customer accounts stolen from Snowflake Cloud.  The Data has been found on the dark web for sale at the price of $500,000 by the hacker group Shiny Hunters as a proxy for Threat Group.

Evidently a Snowflake employee who had a demo account to show customers Snowflakes data cloud service had their credentials stolen since they were not secured by Multifactor Authentication per company policy.  This allowed hackers to bypass security to access information that is stored on Snowflakes cloud.

The extent of this breach may be larger since other Snowflake customers like AT&T, HP, Instacart, and Mastercard use Snowflakes Cloud.

Ticketmaster is under severe scrutiny with customers and regulators demanding answers about their business practices.

Santander Bank Breach Exposes Personal Information of Customers Data on Snowflake Cloud

According to Santander data belonging to customers had been accessed through a third-party provider but no transactional data or credentials were affected that could lead to transactions being compromised.

Data leaked included HR details for staff, 30 million customers’ bank account details, and 28m credit card numbers.  Customer data was exposed in Chile, Spain, and Uruguay.  HR data was more widespread and affects current and former Santander employees.

Santander has activated the protocols necessary to block access to the data and has implemented fraud protection to protect those affected.

Advanced Auto Part Breach Confirmed Breach Data Stolen from Snowflake Cloud Provider Attack

The Snowflake Cloud Data Provider data breach is quickly becoming a domino affect as Advance Auto Part acknowledges the theft of 3 terabytes of data stolen. Advance Auto has about 4500 stores supplying customers with auto parts for their personal vehicles.

A Dataset containing 380 million customer profiles, 140 million customer orders, and employment candidate information with Social Security Numbers, license numbers and other demographics was all part of the data was stolen.

The Dataset is for sale for $1.5 million on the dark web by the hacking group Sp1dr3.

According to CrowdStrike and Mandiant (Google) this seems to have been a credential stuffing attack and not due to some exploitable vulnerability.

The Snowflake breach could intern result in the largest MOAB breach (Mother of All Breaches) ever.

Other potential organizations that could be next are companies like Adobe, AT&T, Kraft Heinz, Mastercard, Micron, Capital One, Doordash, HP, Nielsen, Novartis, Okta, PepsiCo, Siemens, and many others.

What can be done to protect your information:

  • Use strong passwords and never use them across multiple accounts
  • Implement 2-factor authentication
  • Regularly monitor your accounts for any strange activity and report it
  • Remain vigilant and on the lookout for Phishing e-mails, Smishing text messages, and Quishing QR code attacks.
  • Remember if it sounds too good to be true it isn’t

Ben Franklin once said, “A ounce of prevention is worth a pound of cure”.

#Breach, #SecurityBreach, #Cloud, #Riskassessment, #Vulnerabilityassessment, #PenetrationTest, #Compliance, #Hack


Leave a comment

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.