Pure Storage pwned, claims data plundered by crims who broke into Snowflake workspace

Pure Storage pwned, claims data plundered by crims who broke into Snowflake workspace

June 11, 2024 at 02:10PM

Pure Storage confirmed a data breach involving a single Snowflake data analytics workspace. No customer data was compromised, but telemetry information such as company names and email addresses was accessed. Security firm Mandiant identified a common factor in the breaches as the lack of Multi-Factor Authentication. Pure Storage stated that its broader infrastructure remains unaffected.

Based on the meeting notes provided, here are the key takeaways:

1. Pure Storage has confirmed being a victim of a Snowflake-related data breach, specifically a compromise of a single Snowflake data analytics workspace.
2. The compromised workspace contained telemetry information used for customer support, including company names, LDAP usernames, email addresses, and Purity software release version numbers, but not compromising information such as passwords or customer data stored on their systems.
3. Pure Storage emphasized that its wider infrastructure remains unscathed, and it is actively monitoring customers’ systems for any concerning activity.
4. The company engaged a leading cybersecurity firm to validate its conclusions regarding the compromised workspace and is committed to providing transparent updates to its customers.
5. The breach is believed to be linked to the gathering of Snowflake credentials by the group known as UNC5537, with around 80 percent of affected organizations having their valid credentials exposed before being breached.
6. Snowflake clarified that there was no compromise to its own infrastructure and attributed the breaches to customers using single-factor authentication, emphasizing the importance of Multi-Factor Authentication (MFA) in 2024.

Let me know if you need any further information or if there’s anything else I can assist you with.

Full Article