Accident – Death – Obituary News : : 1. Ticketmaster data breach
2. Snowflake data security incident
Security researchers have reported a significant volume of data stolen from hundreds of Snowflake cloud storage customers through compromised login credentials, linked to massive data breaches at Ticketmaster and Santander Bank. Mandiant, investigating alongside Snowflake, identified a financially motivated threat actor, UNC5537, behind the theft. At least 165 affected Snowflake customer organizations have been notified. The breaches at Ticketmaster, Santander Bank, and QuoteWizard have been traced back to Snowflake accounts. Mandiant found that the UNC5537 group systematically compromised customers using stolen credentials, with poor security practices exacerbating the issue. The campaign is expected to target more platforms in the future.
You may also like to watch : Who Is Kamala Harris? Biography - Parents - Husband - Sister - Career - Indian - Jamaican Heritage
The Snowflake Cloud Storage Data Breach
Security researchers have uncovered a major data breach affecting hundreds of Snowflake cloud storage customers. The incident, which has been linked to breaches at Ticketmaster and Santander Bank, has raised concerns about the security of cloud storage services.
Investigation by Mandiant
Mandiant, a leading security firm, is currently investigating the data theft alongside Snowflake. The firm has identified the threat actor responsible for the breach as UNC5537, a financially motivated group. At least 165 Snowflake customer organizations have been notified of potential compromises, with the threat activity first detected in April.
Connection to Recent Data Breaches
The data breaches at Ticketmaster, Santander Bank, and QuoteWizard have all been linked to compromised Snowflake cloud storage accounts. While details on how the accounts were breached were initially scarce, Mandiant’s investigation has shed light on the methods used by UNC5537 to steal data from Snowflake customers.
You may also like to watch: Is US-NATO Prepared For A Potential Nuclear War With Russia - China And North Korea?
Method of Compromise
Mandiant has revealed that UNC5537 obtained login credentials through historical infostealer malware infections on non-Snowflake-owned systems. These stolen credentials, some dating back to 2020, were used to access Snowflake customer instances and extract valuable data for sale on cybercriminal forums.
Poor Security Practices
The success of the UNC5537 campaign can be attributed to poor security practices on the part of impacted accounts. Many victims failed to update their login credentials or implement basic security measures such as multi-factor authentication (MFA) or network allow lists. As a result, UNC5537 was able to exploit these vulnerabilities and compromise numerous accounts.
Future Threats
Mandiant warns that the list of victims is likely to grow as UNC5537 continues its campaign. The group is expected to target additional platforms in the near future, posing a significant threat to organizations that do not prioritize cybersecurity. It is crucial for businesses to review their security measures and take proactive steps to protect their data from malicious actors.
In Conclusion
The Snowflake cloud storage data breach highlights the importance of robust security practices in an increasingly digital world. Organizations must remain vigilant against cyber threats and ensure that their data is adequately protected. By learning from incidents like this breach, businesses can strengthen their defenses and safeguard sensitive information from falling into the wrong hands.