A hack against customers of the cloud storage company Snowflake looks like it may turn into one of the biggest-ever data breaches. Last week, Snowflake, which allows companies to store huge datasets on its servers, revealed that criminal hackers had been attempting to access its customers’ accounts using stolen login details. Data breaches targeting Ticketmaster and Santander have been linked to the attacks.
In the days since Snowflake first said a “limited number” of customer accounts had been accessed, however, cybercriminals have publicly claimed to be selling stolen data from two other major firms and alleged the information was taken from Snowflake accounts. At the same time, TechCrunch has reported that hundreds of Snowflake customer passwords have been found online and are accessible to cybercriminals.
Amid the claims, there remains uncertainty about the scope and scale of the attempted attack against Snowflake customers, who the attackers may be, and how an attack tool callously named “rapeflake” operates. It also highlights the growth in the use of infostealer malware in recent years and underscores the need for third-party software providers and companies to turn on multifactor authentication to reduce the chances of […]