So apparently the hackers targeted Snowflake customers, Ticketmaster Santander etc, who FOR SOME REASON, DIDN’T HAVE 2FA TURNED ON ON THEIR SNOWFLAKE ACCOUNT?! HUH!!?

  • powerofm
    link
    fedilink
    English
    arrow-up
    4
    ·
    7 months ago

    we have not identified evidence suggesting this activity was caused by compromised credentials of current or former Snowflake personnel;

    we did find evidence that a threat actor obtained personal credentials to and accessed demo accounts belonging to a former Snowflake employee. It did not contain sensitive data. Demo accounts are not connected to Snowflake’s production or corporate systems.

    They’re claiming that no breach occured on any production systems. If they were really just demo accounts, then skipping the MFA is understandable.