Snowflake Suffers Major Data Breach, Hacker Demands $20 Million Ransom

May 31, 2024, 06:02 PM

Snowflake ($SNOW), a cloud storage giant, has suffered a significant data breach. The breach was confirmed by Hudson Rock, who reported that the hacker gained access through an infostealer infection. A Snowflake employee named Audrey Delou, a Sales Engineer in EMEA, had her account compromised, which provided substantial access to sensitive data. GitLab's Snowflake account is also believed to have been compromised for a long time. Over 400 companies' data has been affected, and the hacker is demanding $20 million to return the data. Some companies have already paid the ransom. Snowflake has stated that there is no evidence suggesting the breach was due to a vulnerability or misconfiguration in their product, and they do not believe they are the source of the leaked customer credentials. The hacker reportedly used someone’s ServiceNow credentials to gain access.