Cybersecurity expert Mandiant published a blog post today detailing their findings to date about the targeted threat campaign against some Snowflake customer accounts. Mandiant's investigation validates Snowflake’s initial findings. There is no evidence that unauthorized access to Snowflake customer accounts stemmed from a breach of Snowflake's enterprise environment. As part of this campaign, threat actors have leveraged credentials previously purchased or obtained through infostealing malware, and they appear to have been targeting users with single-factor authentication. We have been directly working with our customers to ensure the safety of their accounts and data, including locking accounts that had activity associated with this threat campaign. As we shared in our statement, we are also developing a plan to require our customers to implement advanced security controls, like multi-factor authentication (MFA) or network policies. We will share more on this in the coming weeks.
Very informative
Thanks for sharing
Product Manager | Product Security, Data Security, IAM, Platform as a Service, Data-Driven
4wBut in the end, these attacks hurt - I am yours truly - A security enthusiast and Snowflake investor!