Suspect at the support of Snowflake recordsdata-theft assaults arrested in Canada
Canadian authorities have arrested a person suspected of getting stolen the records of a entire bunch of tens of millions after focusing on over 165 organizations, all of them possibilities of cloud storage firm Snowflake.
Basically based on Canada’s Division of Justice, Alexander “Connor” Moucka (aka “Waifu” and “Judische”) became once taken into custody on Wednesday at the count on of the United States and is scheduled to appear in court docket yet again this day, as first reported by Bloomberg and confirmed by 404 Media.
“Following a count on by the United States, Alexander Moucka (a.ok.a. Connor Moucka) became once arrested on a provisional arrest warrant on Wednesday October 30, 2024,” Ian McLeod, a spokesperson for Canada’s Division of Justice, told BleepingComputer on Tuesday.
“He appeared in court docket later that afternoon and his case became once adjourned to Tuesday November 5, 2024. As extradition requests are regarded as confidential speak-to-speak communications, we won’t observation further on this case.”
A joint investigation by SnowFlake, Mandiant, and CrowdStrike learned that an attacker (tracked at the time as UNC5537) used customer credentials stolen the exhaust of infostealer malware to center of attention on as a minimal 165 organizations that failed to configure multi-factor authentication (MFA) protection on their SnowFlake accounts.
That’s correct a dinky allotment of the 9,400 Snowflake possibilities, alongside with your entire record including some of the most life like possible potential corporations worldwide, equivalent to Mastercard, Micron, NBC Universal, Capital One, Adobe, AT&T, Kraft Heinz, Doordash, HP, Okta, PepsiCo, Siemens, US Foods, Western Union, Yamaha, and hundreds of others.
Knowledge breaches linked to these assaults, which began in April 2024, have affected a entire bunch of tens of millions of americans the exhaust of the products and providers of AT&T, Ticketmaster, Santander, Pure Storage, Attain Auto Ingredients, Los Angeles Unified, QuoteWizard/LendingTree, and Neiman Marcus.
In leisurely Might perchance presumably well, Ticketmaster confirmed that recordsdata became once stolen from its Snowflake myth after a probability actor acknowledged as ShinyHunters began the recordsdata of 560 million Ticketmaster possibilities.
In July, AT&T also warned of a broad recordsdata breach after probability actors stole the determination logs of approximately 109 million possibilities (the majority of its cell possibilities) from an on-line database on the firm’s Snowflake myth between April 14 and April 25, 2024.
Snowflake has since announced that it would perchance presumably implement multi-factor authentication (MFA) for accounts created initiating in October 2024 and require that every one passwords be as a minimal 14 characters long.
