Pure Storage confirmed that unauthorized access to a single Snowflake data analytics workspace compromised telemetry containing customer support-related information like company names, email addresses, and more.
No compromising data like passwords or customer system information was accessed, as this information is not part of the telemetry communicated outside the storage array.
Pure Storage took immediate action to prevent further unauthorized access, ensuring no unusual activity was detected across its systems or customer systems. Their cybersecurity firm's findings have been validated.
The incident at Snowflake, possibly impacting hundreds of victims, connecting to breaches at Ticketmaster and Santander suggests credential stuffing technique was used, with Snowflake's CISO attributing some blame to inadequately secured customer environments.
[
add
]
[
|
|
...
]