Recent data breaches at Ticketmaster and Santander seem to be linked to unsecured accounts with Snowflake, a cloud data management platform. Ticketmaster confirmed a breach that exposed personal details of over 550 million customers, while Santander has seen data stolen from customers and employees. The cyber criminals behind the breaches, known as ShinyHunters, are demanding large ransoms. Snowflake is investigating the incidents and recommending customers implement multi-factor authentication and other security measures.
There is dispute over the cause of the breaches, with Snowflake claiming the issues were due to customer failings, while other information suggests attackers gained access through a Snowflake employee’s account. Despite conflicting accounts, the incidents highlight the importance of securing identities in cloud environments. Experts recommend implementing SaaS security programs and continuous monitoring to protect against breaches. Cloud providers, like Snowflake, should also promote secure practices to enhance overall security for their customers.
