Head Topics

Snowflake denies miscreants melted its security to steal data from top customers

United Kingdom News News

Snowflake denies miscreants melted its security to steal data from top customers
United Kingdom Latest News,United Kingdom Headlines
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 54 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 25%
  • Publisher: 61%

Infosec house claims Ticketmaster, Santander hit via cloud storage

Infosec analysts at Hudson Rock believe Snowflake was compromised by miscreants who used that intrusion to steal data on hundreds of millions of people from Ticketmaster, Santander, and potentially other customers of the cloud storage provider. Snowflake denies its security was defeated.

"We recently became aware of an unauthorized access to a Santander database hosted by a third-party provider," the bank said in a statement."We apologise for the concern this will understandably cause and are proactively contacting affected customers and employees directly. We have also notified regulators and law enforcement and will continue to work closely with them.

These credentials were supposedly used to sign into the employee's ServiceNow account, bypassing Snowflake's Okta-based access management system. Once inside, it's claimed, the criminals were able to generate session tokens that were used to exfiltrate large quantities of customer data from Snowflake's systems, with the apparent goal of holding it for a claimed $20 million ransom. It doesn't appear the money was ever paid, if Snowflake was indeed compromised.

"Research indicates that these types of attacks were performed using our customers' user credentials that were exposed through unrelated cyber threat activity."

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

TheRegister /  🏆 67. in UK

United Kingdom Latest News, United Kingdom Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

It may take decade to shore up software supply chain security, says infosec CEOIt may take decade to shore up software supply chain security, says infosec CEOSure, we're waking to the risk, but we gotta get outta bed, warns Endor Labs founder Varun Badhwar
Read more »

CISA says 'no more' to decades-old directory traversal bugsCISA says 'no more' to decades-old directory traversal bugsRecent attacks on healthcare thrust infosec agency into alert mode
Read more »

Ten years since the first corp ransomware, Mikko Hyppönen sees no end in sightTen years since the first corp ransomware, Mikko Hyppönen sees no end in sightOn the plus side, infosec's a good bet for a long, stable career
Read more »

From infosec to skunks, RSA Conference SVP spills the teaFrom infosec to skunks, RSA Conference SVP spills the teaKeynotes, physical security, playlists … the buck stops with Linda Gray Martin
Read more »

Ten years since the first corp ransomware, Mikko Hyppönen sees no end in sightTen years since the first corp ransomware, Mikko Hyppönen sees no end in sightOn the plus side, infosec's a good bet for a long, stable career
Read more »

Microsoft's Brad Smith summoned by Homeland Security committee over 'cascade' of infosec failuresMicrosoft's Brad Smith summoned by Homeland Security committee over 'cascade' of infosec failuresMajor intrusions by both China and Russia leave a lot to be answered for
Read more »



Render Time: 2025-02-21 12:47:23