Snowflake has issued a statement disputing claims made by some threat actors that were published by a security vendor. The vendor, in response to a legal threat from Snowflake, subsequently deleted their article. The Hacker News reports:
Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign.
“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and Google-owned Mandiant.
“We have not identified evidence suggesting this activity was caused by compromised credentials of current or former Snowflake personnel.”
It further said the activity is directed against users with single-factor authentication, with the unidentified threat actors leveraging credentials previously purchased or obtained through information-stealing malware.
Additional details are available on The Hacker News and in Snowflake’s forum post..