We’ve not recognized proof suggesting this exercise was attributable to a vulnerability, misconfiguration, or breach of Snowflake’s platform;
We’ve not recognized proof suggesting this exercise was attributable to compromised credentials of present or former Snowflake personnel;
This seems to be a focused marketing campaign directed at customers with single-factor authentication;
As a part of this marketing campaign, risk actors have leveraged credentials beforehand bought or obtained by means of infostealing malware; and
We did discover proof {that a} risk actor obtained private credentials to and accessed demo accounts belonging to a former Snowflake worker. It didn’t comprise delicate information. Demo accounts aren’t linked to Snowflake’s manufacturing or company techniques. The entry was attainable as a result of the demo account was not behind Okta or Multi-Issue Authentication (MFA), not like Snowflake’s company and manufacturing techniques.
