Sridhar Ramaswamy, CEO of Snowflake and former co-founder and CEO of startup Neeva, spoke at the Collision conference in Toronto on June 21, 2022.
Eoin Noonan | Sports Files | Collision | Getty Images
Snowflake The software company’s problems have only worsened over the past seven weeks as the company has been dealing with the fallout from a massive cyberattack that compromised sensitive data of several customers.
Telecommunications giant AT&T AT&T said in a regulatory filing Friday that hackers broke into a cloud platform that stores customer data and accessed subscribers’ call and text message records for a six-month period in 2022. The data includes phone numbers, call minute totals and details for some cell towers, AT&T said in the filing.
An AT&T spokesperson told CNBC that the cloud service is owned by Snowflake, whose shares fell 1.8% on Friday, while the Nasdaq rose 0.6%.
This is the most serious incident since Snowflake. Disclosed Snowflake reported the breach on May 30, writing in a blog post at the time that it “became aware of possible unauthorized access to certain customer accounts on May 23, 2024.” Snowflake engaged the services of a cybersecurity software vendor. Crowdstrike and Alphabetical Mandiant investigates.
Mandiant Blog Post Last month, the company and Snowflake announced that they had alerted 165 “potentially at-risk organizations” about the incident through their “Victim Notification Program.” Mandiant blamed the hack on a financially motivated group called UNC5537, which has members in North America and Turkey, who used malware to exploit login credentials that had been separately stolen and made available online.
The most prominent companies involved in the Snowflake breach before Friday were Advance Auto PartsLendingTree, Ticketmaster Operator Live Nation Santander Bank is Mid MayPrior to Snowflake’s disclosure, the company said: “We recently became aware of unauthorized access to a Santander database hosted by a third-party provider.”
AT&T is much larger. 242 million As of the end of last year, the company had 128 million wireless mobility service customers and 128 million connected devices in the U.S.
The company said the exposed data involved “nearly all AT&T wireless and virtual mobile carrier customers” who use its wireless network.
“While the data does not include customer names, there are often ways to find names associated with specific phone numbers using publicly available online tools,” AT&T wrote. The attackers did not have access to the content of calls or text messages.
A Snowflake spokesperson declined to comment when asked about the AT&T hack, instead pointing to the company’s previous statements about the attack.
Mandiant said in a blog post that some of the malware infections on Snowflake’s systems date back to 2020, and that the credentials were still valid years after they were stolen. In one particular instance, the credentials were stolen from a PC used by a contractor for a Snowflake client, and the device was also used for personal activities such as downloading pirated software.
According to Mandiant, UNC5537 only needed usernames and passwords to get into customers’ Snowflake environments because they didn’t have multi-factor authentication turned on. From there, the hackers exported “large amounts of customer data.” UNC5537 then began trying to extort money from victims and sell the customer data online, Mandiant added.
AT&T said Friday it doesn’t expect the attack to have a material impact on its finances.
But Snowflake Investors are being warned The company could face reputational loss and “significant liability” if it “experiences an actual or perceived security breach or if an unauthorized third party gains access to our customer data, our data or our platform.”
Earlier this week, Snowflake Blog Post It states that administrators can enforce the mandatory use of multi-factor authentication.
The growing turmoil has posed a growing challenge for Sridhar Ramaswamy, a former Google executive who replaced Frank Slootman as Snowflake’s CEO in February. Days before the hack was revealed, Snowflake’s shares fell 5% after management lowered its full-year adjusted operating profit forecast.
Founded in 2012, Snowflake went public in 2020, raising more than $3 billion in the largest initial public offering ever for a software company. After a surge on its first day of trading, giving it a market capitalization of more than $70 billion, Snowflake’s shares have since fallen, closing at $134.73 on Friday, giving it a market capitalization of about $45 billion.
