
"In early 2024, a breach involving Snowflake, Inc. sent a quiet shockwave through boardrooms across industries. Attackers bypassed perimeter defenses entirely; no malware, no exploit kit, no zero-day. They simply walked through an identity gap: weak credentials and excessive permissions. The attackers pivoted laterally inside multiple customer environments (AT&T, Santander Bank, Ticketmaster, etc.) and exfiltrated large volumes of sensitive data."
"One of the many customers impacted by the Snowflake data breach was Ticketmaster, which was using Snowflake systems for marketing and analytics. Hackers used a compromised Snowflake account to access the Ticketmaster database, which resulted in the breach of 1.3 terabytes of data of 560 million individuals, triggering numerous lawsuits from customers. This breach demonstrated that in cloud ecosystems, third-party data platforms become extensions of your attack surface, and when not protected, they can result in havoc."
In early 2024, attackers compromised Snowflake credentials and exploited excessive permissions to bypass perimeter defenses and move laterally across multiple customer environments. Attackers accessed data belonging to organizations including AT&T, Santander Bank, and Ticketmaster, exfiltrating large volumes of sensitive information. Ticketmaster suffered a breach exposing 1.3 terabytes of data for 560 million individuals and faced numerous lawsuits. Most cloud incidents stem from misconfigurations, over-privileged identities, or exposed APIs, and 83% of organizations reported a cloud security breach in the past 18 months. Rapid cloud expansion outpaces governance, turning APIs and third-party platforms into extended attack surfaces.
Read at Computerworld