
Security researchers believe that a "significant volume of data" was stolen from Snowflake's customers by cybercriminals. The exact volume of data has not been specified.

Snowflake has not enforced multi-factor authentication (MFA) or reset customer passwords in response to the security breaches because the company has not yet developed a plan to do so [1]. According to a statement from Snowflake spokesperson Danica Stanczak, the company is currently "developing a plan" to enforce the use of MFA on its customers' accounts, but has not yet provided a timeline for implementation [1]. It is unclear why Snowflake has not taken these steps sooner, but it is important for companies to prioritize the security of their customers' data and take proactive measures to prevent future breaches.

According to Mandiant's investigation, around 165 Snowflake customers have been notified about potential data thefts. The ongoing threat campaign has been attributed to UNC5537, a financially motivated cybercriminal gang. The gang attempts to extort its victims into paying to get their files back or to prevent the public release of their customers' data. Mandiant confirmed the attacks date back to at least April 14, and the majority of stolen credentials used by UNC5537 were available from historical infostealer infections, with some dating as far back as 2020.