June 3, 2024 at 10:35PM
Hudson Rock has removed its report about cybercriminals breaching Snowflake’s systems and stealing data from customers like Ticketmaster and Santander Bank, following legal pressure from Snowflake. Snowflake denies any breach, stating that stolen individual customer account credentials may have been used. The breach’s extent and impact are subject to ongoing investigation and speculation in the information security community.
The meeting notes provided are a detailed analysis regarding the data breach incident involving Snowflake and its customers, such as Ticketmaster and Santander Bank. The notes discuss the removal of an online report by Hudson Rock due to legal pressure from Snowflake, as well as the conflicting statements from Snowflake and Hudson Rock regarding the security breach.
Snowflake’s response denies that its underlying security was breached and attributes potential data theft to compromised customer account credentials rather than a general compromise of its security. Snowflake CISO Brad Jones stated that while a Snowflake worker’s credentials were stolen, they were only for worthless demo accounts, and a limited number of actual customer accounts were compromised due to a targeted campaign directed at users with single-factor authentication.
The notes also mention statements from infosec watcher Kevin Beaumont and the Australian government’s cybersecurity center, warning about successful compromises of companies utilizing Snowflake environments. The incident has drawn attention as well due to the publication of stolen data by a group known as ShinyHunters, and the potential impact on Snowflake’s business and its customers.
The focus appears to be on the fallout from the incident and the possible implications for Snowflake and its customers.
Please let me know if there’s anything specific you would like me to address or any particular takeaways you would like to emphasize from these meeting notes.