Snowflake Rolls Out Mandatory MFA Plan

December 11, 2024 at 08:46AM Snowflake will require all customers to enable multifactor authentication (MFA) by November 2025, following a three-phase policy change. After incidents of attacks on customers, this measure aims to enhance security, with guides available for migration. Failure to comply will result in access being blocked after specified deadlines. ### Meeting Takeaways: … Read more

Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches

September 16, 2024 at 12:53PM Snowflake has made multi-factor authentication (MFA) the default for all new user accounts, following investigations into data thefts. This change follows pressure to enhance security, with additional password strength measures also being implemented. Snowflake aims to eliminate password-only authentication in the long term and advises users to consult security best … Read more

Snowflake lets admins make MFA mandatory across all user accounts

July 10, 2024 at 12:52PM Mandiant’s report linked data thefts to Snowflake account intrusions due to lacking multi-factor authentication controls. In response, Snowflake now offers a mandatory MFA option and a new authentication policy. The Snowflake Trust Center and security scanner packages are now available, aiming to promote MFA adoption and secure configurations. Snowflake denies … Read more

Fiend touts stolen Neiman Marcus customer info for $150K

June 25, 2024 at 04:31PM Neiman Marcus’s customer information, including names, contact details, gift card numbers, and more, was stolen and offered for sale on the dark web. While the breach did not include credit card data, it prompted the luxury retailer to disable access to the cloud service, engage cybersecurity experts, and notify law … Read more

Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers

June 4, 2024 at 07:06AM Snowflake, in collaboration with CrowdStrike and Mandiant, has reported a targeted campaign against a limited number of its customers. The company recommends enabling multi-factor authentication and limiting network traffic to trusted locations to prevent unauthorized access. U.S. CISA and ACSC issued alerts, and it’s advised to look for signs of … Read more

Hudson Rock yanks report fingering Snowflake employee creds snafu for mega-leak

June 3, 2024 at 10:35PM Hudson Rock has removed its report about cybercriminals breaching Snowflake’s systems and stealing data from customers like Ticketmaster and Santander Bank, following legal pressure from Snowflake. Snowflake denies any breach, stating that stolen individual customer account credentials may have been used. The breach’s extent and impact are subject to ongoing … Read more