Risky Bulletin Newsletter
June 03, 2024
Risky Biz News: The Snowflake breach and the need for mandatory MFA
Presented by

News Editor
Cloud data platform Snowflake is dealing with a cybersecurity incident that is the perfect example of why every major *-as-a-platform company should be enforcing multi-factor authentication (MFA) by default for all their customer accounts.
The company began investigating a possible security breach after threat actors bragged on cybercrime forums about using access to its platform to scrape, collect, and then sell data from two major companies—Santander Bank and Ticketmaster.
An initial report from a cybersecurity vendor floated the idea that the threat actors may have gained access to a Snowflake employee's account and then pivoted to customer infrastructure.