Snowflake Is Working to Beef Up Security Controls as Firms Probe Breaches
(Bloomberg) -- Snowflake Inc. is trying to get its clients to impose stronger security controls as companies including Advanced Auto Parts Inc. and Live Nation Entertainment Inc. investigate potential data breaches.
Most Read from Bloomberg
Apple to ‘Pay’ OpenAI for ChatGPT Through Distribution, Not Cash
Hunter Biden Was Convicted. His Dad’s Reaction Was Remarkable.
Chinese Trader’s $20 Million Pile of Russian Copper Goes Missing
Gavin Newsom Wants to Curb a Labor Law That Cost Businesses $10 Billion
US Inflation Broadly Cools in Encouraging Sign for Fed Officials
The cloud-based data analytics firm has said that hackers were targeting some of its customers’ accounts and had used either information-stealing malware or purchased credentials in an attempt to breach users that didn’t have multifactor authentication set up. In a Friday blog, the company said it’s developing a plan that would require customers to take advanced security measures such as establishing MFA, which requires someone to verify their identity in two or more ways.
The move comes a week after Ticketmaster owner Live Nation said it had discovered “unauthorized activity” within a third-party cloud database containing the company’s data and that someone was trying to sell alleged customer data on the dark web. The ticket seller’s database was hosted on Snowflake, a person familiar with the situation said, asking not to be identified because the information isn’t public.
A day later, the Australian government issued a warning of “increased cyber activity” involving Snowflake customers, saying it was aware of “successful compromises.” And on Friday, Advanced Auto Parts said that it was looking into reports that the company was involved in a “security incident related to Snowflake.” Axios previously reported on Advanced Auto Parts’ statement.
The company has said it wasn’t responsible for a breach of Live Nation’s data and that it was working with Google’s Mandiant cybersecurity unit and CrowdStrike Inc. as part of an investigation. When asked about Advance Auto Parts’ and the Australian government’s statements, the company referred back to the posts on its website.
In its blog, Snowflake said the company hadn’t identified evidence suggesting that the recent activity by hackers was caused by a vulnerability on Snowflake’s platform.
A cybercriminal was offering to sell a trove of data about 560 million Ticketmaster customers on the dark web, but Bloomberg News couldn’t immediately verify the accuracy of the data.
Information-stealing malware has existed in some form or another for more than a decade. Hackers use such tools to compromise and gather data such as credit card numbers, web-browser activity and bank account information. The demand for this malware is on the rise, with some criminals offering the tools through $250 monthly subscriptions, cyber firm Flashpoint Inc. said.
ShinyHunters has claimed to be the gang behind the sale of the alleged Ticketmaster data. It is among several cybercrime groups with a history of attacking large organizations. The gang, which emerged in 2020, has also claimed to steal data from Microsoft Corp., the news website Mashable and the clothing brand Bonobos in recent years.
--With assistance from Ashley Carman.
Most Read from Bloomberg Businessweek
Israeli Scientists Are Shunned by Universities Over the Gaza War
The World’s Most Online Male Gymnast Prepares for the Paris Olympics
China’s Economic Powerhouse Is Feeling the Brunt of Its Slowdown
Grieving Families Blame Panera’s Charged Lemonade for Leaving a Deadly Legacy
©2024 Bloomberg L.P.