This Week Health
SOAR 2024 Bluebird Leaders This Week HealthAlex's Lemonade Stand This Week Health
SUBSCRIBE NOW to receive top 7 stories daily to your inbox
<--  All Stories

UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion | Google Cloud Blog

June 17, 2024
cloud.google.com
Contributed by: Drex DeFord
Summary
Mandiant has detected a threat campaign, UNC5537, targeting Snowflake database instances with aims of data theft and extortion. Rather than breaching Snowflake's enterprise environment, the attackers leveraged compromised customer credentials, often obtained through infostealer malware, to access and exfiltrate significant volumes of data from affected accounts. These compromised accounts lacked multi-factor authentication and had not updated credentials over years. Mandiant has identified hundreds of affected organizations and, in collaboration with Snowflake, has been notifying potential victims while coordinating with law enforcement. The threat group has used various infostealer malware variants and stored stolen data across several VPS providers and MEGA for further extortion and sale on cybercriminal forums. The campaign highlights crucial gaps in credential security practices and the importance of multi-factor authentication and limiting access to trusted locations.
Transform Healthcare - One Connection at a Time

© Copyright 2024 Health Lyrics All rights reserved