November 5, 2024 at 01:45AM Canadian authorities arrested Alexander “Connor” Moucka, suspected of hacking linked to the Snowflake data breach. The breach targeted several major companies, and attackers, possibly part of group UNC5537, extorted victims with threats to sell stolen data. Moucka’s specific charges remain unknown as investigations continue. ### Meeting Takeaways: Data Breach / … Read more
June 26, 2024 at 01:41PM Neiman Marcus confirmed data theft affecting 65,000 customers through attacks on Snowflake. “Sp1d3r” sold personal data for $150,000. Over 70 million transactions, 50 million emails, and 12 million gift card numbers were for sale. UNC5537 accessed accounts using valid credentials due to lack of multifactor authentication, impacting 165 organizations. Strengthening … Read more
June 25, 2024 at 10:55AM Luxury retailer Neiman Marcus confirmed a data breach after hackers attempted to sell the company’s stolen database from recent Snowflake data theft attacks. The breach impacted 64,472 people, exposing personal information such as names, contact details, and gift card numbers. The breach was likely linked to threat actor “Sp1d3r” and … Read more
June 25, 2024 at 10:47AM Luxury retailer Neiman Marcus confirmed a data breach after hackers attempted to sell the company’s data from a recent attack. Personal information of 64,472 people was affected, but gift card PINs were not compromised. The breach is linked to the Snowflake data theft attacks, with the threat actor attempting to … Read more
June 21, 2024 at 03:08PM UNC5537, a cybercriminal group, has recently targeted several companies, stealing millions of customer records and demanding large ransoms. An analysis suggests the breaches were due to compromised credentials and poor authentication controls. The incidents highlight the need for stronger security measures, including widespread adoption of multifactor authentication and stricter access … Read more
June 11, 2024 at 02:10PM Pure Storage confirmed a data breach involving a single Snowflake data analytics workspace. No customer data was compromised, but telemetry information such as company names and email addresses was accessed. Security firm Mandiant identified a common factor in the breaches as the lack of Multi-Factor Authentication. Pure Storage stated that … Read more
June 11, 2024 at 03:21AM As many as 165 Snowflake customers had their data potentially exposed in a campaign targeting data theft and extortion, identified as UNC5537 by Mandiant. The group is believed to operate under various aliases, targeting organizations worldwide and collaborating with a party based in Turkey. Snowflake is taking measures to enhance … Read more
June 10, 2024 at 11:32PM Unknown financially motivated crime crew “UNC5537” has stolen a substantial amount of data from Snowflake customers by using stolen credentials. The crew may have ties to “Scattered Spider” and has targeted multiple organizations by compromising contractor systems. The theft was enabled by the absence of multi-factor authentication and the use … Read more
June 10, 2024 at 05:48PM Mandiant’s investigation confirmed that recent account compromises at Snowflake were due to customers’ failure to implement multifactor authentication (MFA) and access control. Attackers systematically accessed accounts using stolen credentials obtained elsewhere. Compromised accounts’ data was extorted or sold on cybercrime forums. MFA implementation and stronger authentication methods are recommended to … Read more