In May 2024, major data breaches at Snowflake’s customers, including Ticketmaster and Santander, exposed terabytes of data. These breaches were linked to compromised customer accounts due to previously exposed credentials, not Snowflake's infrastructure. The lack of multi-factor authentication played a critical role in the breaches. In response, Snowflake's CISO, Brad Jones, stated the company is transitioning from a traditional shared-responsibility security model to a shared-destiny model, emphasizing proactive security collaboration with customers to enhance their security posture.
It was an unfortunate situation that our customers went through, and we've really pivoted from a shared-security model to more of a shared-destiny model with our customers.
If something's in the news on Snowflake, or a customer that happens to involve Snowflake, it's negative for both.
The breaches weren't the result of a compromise in Snowflake's infrastructure, but were due to compromised customer credentials.
None of the compromised accounts had multi-factor authentication enabled, a safeguard that likely would have prevented unauthorized access.
Collection
[
|
...
]