Snowflake's incident involved threat actors using obtained login details, targeting single-factor authentication users.
Snowflake, with CrowdStrike and Mandiant, found no evidence of compromised credentials but former employee demo accounts accessed.
Snowflake denies breach due to platform vulnerabilities and clarifies lack of evidence regarding compromise of current or former personnel credentials.
US Cybersecurity Agency issued an alert about Snowflake incident; Australia's Cyber Security Center noted successful compromises in companies using Snowflake environments. [ more ]