September 16, 2024 at 12:53PM Snowflake has made multi-factor authentication (MFA) the default for all new user accounts, following investigations into data thefts. This change follows pressure to enhance security, with additional password strength measures also being implemented. Snowflake aims to eliminate password-only authentication in the long term and advises users to consult security best … Read more
July 10, 2024 at 12:52PM Mandiant’s report linked data thefts to Snowflake account intrusions due to lacking multi-factor authentication controls. In response, Snowflake now offers a mandatory MFA option and a new authentication policy. The Snowflake Trust Center and security scanner packages are now available, aiming to promote MFA adoption and secure configurations. Snowflake denies … Read more
June 25, 2024 at 04:31PM Neiman Marcus’s customer information, including names, contact details, gift card numbers, and more, was stolen and offered for sale on the dark web. While the breach did not include credit card data, it prompted the luxury retailer to disable access to the cloud service, engage cybersecurity experts, and notify law … Read more
June 4, 2024 at 07:06AM Snowflake, in collaboration with CrowdStrike and Mandiant, has reported a targeted campaign against a limited number of its customers. The company recommends enabling multi-factor authentication and limiting network traffic to trusted locations to prevent unauthorized access. U.S. CISA and ACSC issued alerts, and it’s advised to look for signs of … Read more
June 3, 2024 at 10:35PM Hudson Rock has removed its report about cybercriminals breaching Snowflake’s systems and stealing data from customers like Ticketmaster and Santander Bank, following legal pressure from Snowflake. Snowflake denies any breach, stating that stolen individual customer account credentials may have been used. The breach’s extent and impact are subject to ongoing … Read more