Snowflake Is Working to Beef Up Security Controls as Firms Probe Breaches

(Bloomberg) -- Snowflake Inc. is trying to get its clients to impose stronger security controls as companies including Advanced Auto Parts Inc. and Live Nation Entertainment Inc. investigate potential data breaches.

Most Read from Bloomberg

• Apple to ‘Pay’ OpenAI for ChatGPT Through Distribution, Not Cash

• Hunter Biden Was Convicted. His Dad’s Reaction Was Remarkable.

• Chinese Trader’s $20 Million Pile of Russian Copper Goes Missing

• Gavin Newsom Wants to Curb a Labor Law That Cost Businesses $10 Billion

• US Inflation Broadly Cools in Encouraging Sign for Fed Officials

The cloud-based data analytics firm has said that hackers were targeting some of its customers’ accounts and had used either information-stealing malware or purchased credentials in an attempt to breach users that didn’t have multifactor authentication set up. In a Friday blog, the company said it’s developing a plan that would require customers to take advanced security measures such as establishing MFA, which requires someone to verify their identity in two or more ways.

The move comes a week after Ticketmaster owner Live Nation said it had discovered “unauthorized activity” within a third-party cloud database containing the company’s data and that someone was trying to sell alleged customer data on the dark web. The ticket seller’s database was hosted on Snowflake, a person familiar with the situation said, asking not to be identified because the information isn’t public.

A day later, the Australian government issued a warning of “increased cyber activity” involving Snowflake customers, saying it was aware of “successful compromises.” And on Friday, Advanced Auto Parts said that it was looking into reports that the company was involved in a “security incident related to Snowflake.” Axios previously reported on Advanced Auto Parts’ statement.

The company has said it wasn’t responsible for a breach of Live Nation’s data and that it was working with Google’s Mandiant cybersecurity unit and CrowdStrike Inc. as part of an investigation. When asked about Advance Auto Parts’ and the Australian government’s statements, the company referred back to the posts on its website.

In its blog, Snowflake said the company hadn’t identified evidence suggesting that the recent activity by hackers was caused by a vulnerability on Snowflake’s platform.

A cybercriminal was offering to sell a trove of data about 560 million Ticketmaster customers on the dark web, but Bloomberg News couldn’t immediately verify the accuracy of the data.

Information-stealing malware has existed in some form or another for more than a decade. Hackers use such tools to compromise and gather data such as credit card numbers, web-browser activity and bank account information. The demand for this malware is on the rise, with some criminals offering the tools through $250 monthly subscriptions, cyber firm Flashpoint Inc. said.

ShinyHunters has claimed to be the gang behind the sale of the alleged Ticketmaster data. It is among several cybercrime groups with a history of attacking large organizations. The gang, which emerged in 2020, has also claimed to steal data from Microsoft Corp., the news website Mashable and the clothing brand Bonobos in recent years.

--With assistance from Ashley Carman.

Most Read from Bloomberg Businessweek

• The Rise and Fall of a $600 Million Strip-Mall Tycoon

• Israeli Scientists Are Shunned by Universities Over the Gaza War

• The World’s Most Online Male Gymnast Prepares for the Paris Olympics

• China’s Economic Powerhouse Is Feeling the Brunt of Its Slowdown

• Grieving Families Blame Panera’s Charged Lemonade for Leaving a Deadly Legacy

©2024 Bloomberg L.P.