
A cybercriminal group known as UNC5537 has targeted Snowflake customer database instances, resulting in significant data theft and extortion. Mandiant's investigations revealed that UNC5537 accessed multiple Snowflake instances using credentials stolen in various infostealer malware campaigns. The attacks have affected 165 organizations, including Ticketmaster, whose data was accessed through a contractor named EPAM Systems. EPAM has workers in Belarus, Ukraine, and Russia, and the breach reportedly occurred through an EPAM worker in Ukraine. Hackers from the group ShinyHunters claim to have stolen the data of 560 million Ticketmaster users through this breach. Mandiant has released a threat-hunting guide to help defenders mitigate such attacks.
🚨HACKERS STEAL DATA OF 560 MILLION TICKETMASTER USERS THROUGH SNOWFLAKE Hackers from ShinyHunters claim they stole data from Ticketmaster’s Snowflake account by breaching EPAM Systems, a third-party contractor. They allegedly accessed an EPAM worker’s computer infected with… https://t.co/Bg7Bqby5Rx
🚨 #Snowflake customer database instances are being targeted for data theft and extortion. To help defenders, we've released our Snowflake #threathunting guide ➡️ https://t.co/HfqrTaaY6g Read our blog post for findings on this campaign: https://t.co/tC6j9xMNTd #Mandiant https://t.co/clYwin1laD
Update on Snowflake Cyber Threat https://t.co/VTsMXSz2Qd #Cybersecurity #Cloud #ConsumerProtection @magcybersec https://t.co/lDvLT5I46b


