Questions? Call us today: (516) 778-5639

authID Home
authID Home

Data Breach Insights

Snowflake Account Takeover Data Breach

  • One of the largest data breaches ever
  • No MFA and hundreds of customer passwords shared online
  • Biometric authentication would have likely prevented it

 

 

Home » Major Security Breaches » Snowflake Account Takeover Data Breach

What Happened

According to a June 6, 2024 Wired article a hack against customers of the cloud storage company Snowflake looks like it may turn into one of the biggest-ever data breaches. Last week, Snowflake, which allows companies to store huge datasets on its servers, revealed that criminal hackers had been attempting to access its customers’ accounts using stolen login details. Data breaches targeting Ticketmaster and Santander have been linked to the attacks.

In the days since Snowflake first said a “limited number” of customer accounts had been accessed, however, cybercriminals have publicly claimed to be selling stolen data from two other major firms and alleged the information was taken from Snowflake accounts. At the same time, TechCrunch reported that hundreds of Snowflake customer passwords have been found online and are accessible to cybercriminals.

Amid the claims, there remains uncertainty about the scope and scale of the attempted attack against Snowflake customers, who the attackers may be, and how an attack tool callously named “rapeflake” operates. It also highlights the growth in the use of infostealer malware in recent years and underscores the need for third-party software providers and companies to turn on multi-factor authentication to reduce the chances of accounts being compromised.

How It Happened

Snowflake chief information security officer Brad Jones said that this was a “targeted campaign directed at users with single-factor authentication” and using credentials stolen from info-stealing malware or obtained from previous data breaches.

The lack of MFA appears to be how cybercriminals downloaded huge amounts of data from Snowflake customers’ environments, which weren’t protected by the additional security layer.

authID Impact

If all Snowflake customer accounts enrolled the account owner’s facial biometrics in authID’s robust biometric authentication solution for login access, it would require attackers to authenticate using their face to access the different Snowflake customer accounts. authID’s authentication would be unaffected by smishing attacks, SIM swap attacks, or device malware attacks, which can compromise traditional MFA solutions. This is because authID’s biometric authentication is not tied to any device or phone number but is directly bound to the Snowflake account. If an attacker attempted to use a digital facial image of a Snowflake account owner by presenting it to a camera or injecting it through software, hardware, or network methods, it would be identified as a presentation or injection attack, resulting in blocked access.

Some of the Top Financial, Medical and Hospitality Brands Trust authID

Beem Logo from authID
Hamilton Reserve Bank Logo from authID
ABM Logo from authID
ABR American Board of Radiology Logo from authID
PickleJar Logo from authID
Syntrove Logo from authID
Intellicheck Logo from authID
Kompliant Logo from authID
KaiaSoft Logo from authID
IDMWORKS Logo from authID
EinStrong Foundation Logo from authID
ShotPro Logo from authID
authID Free Trial Image

According to IBM Cost of a Data Breach Report - 2023

The average data breach in the US last year cost business $4.4M. Biometric verification would have helped stop it.

Set up a free 30-day trial today to help prevent a data breach!

We will contact you within 24 hours to set up your demo.
authID Free Trial Image

According to IBM Cost of a Data Breach Report - 2023