The Snowflake situation is worsened by AT&T's major data leak, which was revealed seven weeks after the hack

4 months ago 540

The massive telecommunications company AT&T revealed on Friday in a regulatory filing that hackers had gained access to call and text message logs of subscribers for a six-month period in 2022 by breaking into a cloud platform that held consumer data. According to AT&T's complaint, the information contains phone numbers, the total length of calls, and certain facts about mobile sites.

Snowflake was the owner of the cloud service, an AT&T representative informed Industrialist. On Friday, Snowflake's stock dropped 1.8% while the Nasdaq gained 0.6%.

Related : The 10 Most Reliable Ways to Fund a Startup

Since Snowflake revealed the breach in a blog post on May 30, stating, "We became aware of potentially unauthorized access to certain customer accounts on May 23, 2024," this is the most serious instance. Snowflake hired Mandiant, an Alphabet subsidiary, and cybersecurity software provider CrowdStrike to assist in the investigation.

Last month, Mandiant stated in a blog post that 165 "potentially exposed organizations" had been informed of the incident by the company and Snowflake through their "Victim Notification Program." Mandiant attributed the intrusion to a financially driven organization named UNC5537, which has members in both Turkey and North America. UNC5537 relied on login credentials that were acquired independently via malware and made public online.

The most well-known businesses involved in the Snowflake breach up until Friday were Advance Auto Parts, LendingTree, Live Nation, the operator of Ticketmaster, and Santander Bank, which had announced in mid-May, before Snowflake made its announcement, that "We recently became aware of an unauthorized access to a Santander database hosted by a third-party provider." 

Related : Value Statement: Why Your Business Needs It for Success