Several Snowflake cloud computing customers hit by hackers
US cloud-computing and AI data cloud firm Snowflake has revealed that a number of its clients have suffered from cyber attacks.
SHARE
In a joint statement with CrowdStrike and Mandiant, Snowflake revealed that the attacks appear to be part of a targeted campaign.
“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” said Snowflake.
“We have not identified evidence suggesting this activity was caused by compromised credentials of current or former Snowflake personnel, this appears to be a targeted campaign directed at users with single-factor authentication as part of this campaign, threat actors have leveraged credentials previously purchased or obtained through info-stealing malware, and we did find evidence that a threat actor obtained personal credentials to and accessed demo accounts belonging to a former Snowflake employee.
“It did not contain sensitive data. Demo accounts are not connected to Snowflake’s production or corporate systems. The access was possible because the demo account was not behind Okta or multifactor authentication (MFA), unlike Snowflake’s corporate and production systems.”
