Researchers have discovered a significant leak of more than 500 account credentials belonging to Snowflake customers, linked to a recent security breach that affected companies such as Banco Santander and Ticketmaster. Banco Santander reported unauthorized access to a database hosted by an external provider, affecting clients and employees in several countries. Similarly, TicketMaster experienced a security incident resulting in the exposure of data from 560 million users, including sensitive information.
Snowflake, a cloud data storage and analysis service, acknowledged an ongoing threat campaign targeting some customer accounts. The company, along with cybersecurity experts, is investigating this issue. Snowflake identified a limited number of compromised customer accounts, allegedly targeted due to single-factor authentication. This indicates that malicious actors may have exploited credentials obtained through information theft malware.
Recent reports reveal that over 500 login credentials supposedly belonging to Snowflake customers are now available online. These credentials could be used by cybercriminals for malicious purposes. Employees’ credentials were likely stolen through information theft malware, affecting companies like Banco Santander, Ticketmaster, pharmaceutical giants, and others. Snowflake customers are encouraged to enforce multi-factor authentication (MFA) security measures to protect their accounts.
Snowflake does not require the use of MFA for customer logins, putting the responsibility on users to enable this security feature. The availability of login credentials online poses a significant risk, highlighting the importance of implementing robust security protocols. Customers should prioritize safeguarding their accounts against potential cyber threats to prevent unauthorized access and data breaches.