Cybercriminal Group Compromises 165 Snowflake Customers
A cybercriminal group tracked as UNC5537 has compromised up to 165 customers of the cloud data platform Snowflake. The intrusions did not exploit a flaw in Snowflake itself: the attackers logged in with valid customer credentials that had been harvested by information-stealing malware on employee and contractor machines. Among the affected customers is QuoteWizard, a subsidiary of LendingTree. The company is still investigating the scope of the breach, with initial findings indicating that no consumer financial information was affected. In every case examined, the compromised accounts lacked multifactor authentication, a control that would have blocked logins using a stolen password alone. Mandiant, the security firm engaged by Snowflake, describes UNC5537 as a financially motivated group primarily based in North America. The group has been selling the stolen data on cybercriminal forums, and many of the credentials it used had been stolen years earlier and were never rotated, so they still worked.
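The two failure modes named above, password-only logins and long-unrotated credentials, can be checked for directly in a Snowflake account. The queries below are an added example written for this page, not code from the article, Snowflake or Mandiant. They assume a role with access to the SNOWFLAKE.ACCOUNT_USAGE share (for example ACCOUNTADMIN), that the USERS and LOGIN_HISTORY view columns match current Snowflake documentation (DISABLED is a VARIANT in the USERS view, hence the cast), and, for the last statement, that authentication policies with MFA_ENROLLMENT are available in the account; the policy name require_mfa is a placeholder.

```sql
-- 1. Inventory: active users who can log in with a password but are not
--    enrolled in Duo MFA, with how long ago the password was last set.
--    A password_last_set_time years in the past is exactly the kind of
--    stale credential an infostealer log can still replay.
SELECT
    name,
    login_name,
    last_success_login,
    password_last_set_time,
    DATEDIFF(day, password_last_set_time, CURRENT_TIMESTAMP()) AS password_age_days
FROM snowflake.account_usage.users
WHERE deleted_on IS NULL
  AND disabled::boolean = FALSE
  AND has_password = TRUE
  AND ext_authn_duo = FALSE
ORDER BY password_age_days DESC NULLS FIRST;

-- 2. Detection: successful logins in the last 30 days that used only a
--    password and no second factor, with the source IP and client type.
--    Review unfamiliar IPs and clients (e.g. generic JDBC/ODBC drivers)
--    against what each user normally does.
SELECT
    event_timestamp,
    user_name,
    client_ip,
    reported_client_type,
    reported_client_version
FROM snowflake.account_usage.login_history
WHERE event_timestamp >= DATEADD(day, -30, CURRENT_TIMESTAMP())
  AND is_success = 'YES'
  AND first_authentication_factor = 'PASSWORD'
  AND second_authentication_factor IS NULL
ORDER BY event_timestamp DESC;

-- 3. Same window, one row per user: count of password-only logins and the
--    number of distinct source IPs. A user whose password-only logins come
--    from many distinct IPs is a strong candidate for credential theft.
SELECT
    user_name,
    COUNT(*)                 AS password_only_logins,
    COUNT(DISTINCT client_ip) AS distinct_source_ips,
    MIN(event_timestamp)     AS first_seen,
    MAX(event_timestamp)     AS last_seen
FROM snowflake.account_usage.login_history
WHERE event_timestamp >= DATEADD(day, -30, CURRENT_TIMESTAMP())
  AND is_success = 'YES'
  AND first_authentication_factor = 'PASSWORD'
  AND second_authentication_factor IS NULL
GROUP BY user_name
HAVING COUNT(DISTINCT client_ip) > 3
ORDER BY distinct_source_ips DESC;

-- 4. Enforcement (assumed available in the account): require MFA enrollment
--    account-wide instead of leaving it to each user, so a stolen password
--    is no longer sufficient on its own.
CREATE AUTHENTICATION POLICY IF NOT EXISTS require_mfa
  MFA_ENROLLMENT = REQUIRED;
ALTER ACCOUNT SET AUTHENTICATION POLICY require_mfa;
```

Query 1 is the remediation list: every row is a password that should be rotated and an account that should enroll in MFA. Queries 2 and 3 are the hunt: they do not prove compromise, but a password-only login from an IP the user has never used before is the pattern behind this campaign, and the threshold of three distinct IPs in query 3 is an arbitrary starting point to tune per account, not a Snowflake recommendation.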
Key Takeaways
- Up to 165 Snowflake customers compromised using credentials stolen by information-stealing malware.
- QuoteWizard and Live Nation among affected companies.
- Stolen data includes partial credit card numbers and customer details.
- Compromises enabled by the absence of multifactor authentication and by credentials stolen years earlier that were never rotated.
- UNC5537, a financially motivated group, responsible for the attacks.
Analysis
The compromise of up to 165 Snowflake customers, including QuoteWizard and Live Nation, shows how exposed a cloud data platform is when accounts are protected by a password alone. That UNC5537, a North American-based cybercriminal group, could log in with credentials stolen years earlier highlights two basic controls that were missing: mandatory multifactor authentication and routine credential rotation, so that a password captured by an infostealer stops working long before anyone tries to use it. Short-term impacts include data breaches and potential financial losses for the affected companies, while long-term consequences may involve reputational damage and increased regulatory scrutiny. The incident may push cloud data platforms and their customers toward enforcing MFA by default rather than leaving it as an optional per-user setting.
Did You Know?
- Snowflake: A cloud-based data warehousing platform designed to handle large-scale data storage and processing.
- Multifactor Authentication (MFA): A security system that requires more than one method of authentication to verify the user's identity.
- UNC5537: A threat actor designation assigned by Mandiant; the "UNC" prefix marks an uncategorized cluster of activity that has not yet been attributed to a named group.