Swipe Insight Swipe Insight Logo

Snowflake's Silence on Customer Data Breaches Raises Concerns

June 09, 2024 at 2:25:44 PM

TL;DR Snowflake faces growing security issues after multiple customer data breaches, including LendingTree's QuoteWizard. Snowflake claims breaches are due to customers not using multi-factor authentication (MFA), which it doesn't enforce by default. The breaches were linked to stolen credentials and a compromised demo account. Snowflake plans to require MFA in the future but hasn't provided a timeline.

Snowflake's Silence on Customer Data Breaches Raises Concerns

Snowflake is facing significant security challenges due to recent customer data breaches. Following Ticketmaster, LendingTree confirmed that its subsidiary, QuoteWizard, experienced data theft linked to Snowflake. Snowflake attributes these breaches to customers not using multi-factor authentication (MFA), which it does not enforce by default. The company acknowledged that a former employee's demo account, protected only by a username and password, was compromised.

Key Issues

  • Customer Data Breaches: LendingTree confirmed data theft from its subsidiary, QuoteWizard, linked to Snowflake. Ticketmaster was the first to report a breach.
  • Lack of MFA: Snowflake attributes the breaches to customers not using MFA, a security measure it does not enforce by default.
  • Compromised Demo Account: A former Snowflake employee's demo account was compromised, highlighting a security flaw in Snowflake's model.

Snowflake's Response

  • Limited Communication: Snowflake has provided minimal information, reiterating that its systems were not breached and blaming the lack of MFA.
  • Notification to Customers: Snowflake has notified a limited number of customers but has not disclosed the exact number affected.
  • Investigation and Assistance: Snowflake has involved Mandiant for customer outreach and investigation.

Unresolved Questions

  • Scale of Impact: It remains unclear how many customers are affected.
  • Detection and Response Time: Questions arise about why Snowflake did not detect the data exfiltration sooner.
  • Role of Demo Account: Uncertainty surrounds the role of the compromised demo account in the breaches.
  • Definition of Sensitive Data: Snowflake has not clarified what it considers "sensitive data."

Future Actions

  • Potential MFA Rollout: Snowflake is considering enforcing MFA by default for its customers, especially for privileged accounts, but no timeframe has been provided.

Conclusion

Snowflake's security issues are ongoing, with multiple customer breaches linked to the lack of MFA. The company has been criticized for its limited communication and delayed response. Future plans may include enforcing MFA to enhance security.

Q&A

Have more questions on this topic? Ask our AI assistant for in-depth insights.

Read more from sources 👇

TechCrunch
TechCrunch
- Snowflake faces growing security issues after multiple customer data breaches, including LendingTree's QuoteWizard. Snow... Visit Source Open external source URL

The Only Digital Marketing Feed You'll Ever Need.

Stay informed your way. Tailored updates when and how you want them. 100% Free.

10,000+ Users

500+ Sources

1000+ Tools

Or

Related Posts

Marketing Workflows Powered by AI

Marketing Workflows Powered by AI

Featured
Markifact
Markifact

Verified Sponsor

Verified Sponsor

Markifact is a Verified Sponsor. Want to get featured here? Contact us.

Verified Sponsor
Open Source
dbt Now Available on Snowflake Marketplace as a Native App

dbt Now Available on Snowflake Marketplace as a Native App

Snowflake
Snowflake Launches Polaris: Open Catalog for Apache Iceberg to Prevent Vendor Lock-In

Snowflake Launches Polaris: Open Catalog for Apache Iceberg to Prevent Vendor Lock-In

Snowflake
Gemini Assistant Launches in BigQuery Data Canvas for Enhanced Data Analytics

Gemini Assistant Launches in BigQuery Data Canvas for Enhanced Data Analytics

Gemini BigQuery
Google Cloud
Google Cloud

Official Source

Official Source

Google Cloud is a Official Source. The source has been verified by Swipe Insight team.

Official Source
Meta moves Threads from threads.net to threads.com with new web features

Meta moves Threads from threads.net to threads.com with new web features

Threads
Meta
Meta

Official Source

Official Source

Meta is a Official Source. The source has been verified by Swipe Insight team.

Official Source
Google Ads expands Checkout on Merchant for Demand Gen campaigns in the US

Google Ads expands Checkout on Merchant for Demand Gen campaigns in the US

Google Ads Shopify
Google
Google

Official Source

Official Source

Google is a Official Source. The source has been verified by Swipe Insight team.

Official Source
Snapchat Launches Affiliate Program to Boost Ad Sales

Snapchat Launches Affiliate Program to Boost Ad Sales

Snapchat Ads
Snapchat
Snapchat

Official Source

Official Source

Snapchat is a Official Source. The source has been verified by Swipe Insight team.

Official Source
Google AdSense updates Policy center with new issue labels and filters for clarity

Google AdSense updates Policy center with new issue labels and filters for clarity

Google Adsense
Google
Google

Official Source

Official Source

Google is a Official Source. The source has been verified by Swipe Insight team.

Official Source

Related Tools

Markifact logo

Markifact

Verified Tool

Verified Tool

Markifact is a Verified Tool. Want to get this badge? Contact us.

Verified Tool

Marketing Workflows Powered by AI

Workflow Automation
Open in new tab
Featured
Marketing Auditor logo

Marketing Auditor

Verified Tool

Verified Tool

Marketing Auditor is a Verified Tool. Want to get this badge? Contact us.

Verified Tool

Automated audits for Google Ads and Analytics.

Ad Management
Open in new tab

Get Featured Here

Showcase your tool in this list.

Contact Us