this post was submitted on 01 Jun 2024
195 points (98.5% liked)

Technology

59666 readers
3852 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Access was gained through a third-party cloud database provider, which we know to be Snowflake.

top 7 comments
sorted by: hot top controversial new old
[–] apocalypticat 46 points 5 months ago

They should be charged an "inconvenience fee" for each and every person whose data was breached.

[–] [email protected] 23 points 5 months ago* (last edited 5 months ago) (1 children)

To put it bluntly, a single credential resulted in the exfiltration of potentially hundreds of companies that stored their data using Snowflake, with the threat actor himself suggesting 400 companies are impacted. The goal of the threat actor, as in most cases, was to blackmail Snowflake into buying their own data back for $20,000,000.

Santander, a major financial organization, had been breached, and all customer data was offered for sale: the price was $2 million.

Uh huh. A bank. So probably a lot of companies with important stuff.

goes to Snowflake website

Ah, they have a "customer" section that lists some customers with 202 entries.

Albertsons looks like the first.

https://www.snowflake.com/en/customers/all-customers/

Pfizer. Sainsbury's. PlayStation. AT&T. Euintelsat OneWeb (that's the sorta-kinda Starlink competitor). NHS Greater Manchester Integrated Care Partnership. Freddie Mac (large US government-backed mortgage lender). Capital One, a bank. Anthem, a major health insurer. A bunch of California government institutions. NatWest, a bank. Western Union. Vimeo. Siemens. Comcast. Cedar Health, a company that provides healthcare billing services. Aflac, an insurance company.

Yup, sounds like this isn't good.

Well, I've said before that it'd probably take some kind of really catastrophic computer security event for things to change.

[–] roofuskit 6 points 5 months ago

The cyber insurance market has already hardened a lot over the last few years. It was just starting to ease up but I'm guessing this will cause even stricter underwriting requirements.

[–] NOT_RICK 8 points 5 months ago

my work has been migrating to snowflake for the past year, great…

[–] [email protected] 6 points 5 months ago

As usually, I've read out this here in the last couple of days and still no email communication from Ticketmaster.

[–] [email protected] 3 points 5 months ago
[–] [email protected] 2 points 5 months ago

I've been wondering about this a little, if the exposure is greater than just increased spam and phishing risk (due to PII info being breached).

If they've got hashed credit card details and the last 4 digits, could they fire guesses at the hashes (just like l0phtcrack for CCs instead of windows SAM databases)?

How much risk is there to people's personal funds via their credit cards?