Canadian authorities have arrested a man suspected of having stolen the data of many millions of people after targeting over 165 organizations, all of them customers of cloud storage company Snowflake.
According to Canada's Department of Justice, Alexander “Connor” Moucka (aka “Waifu” and “Judische”) was arrested on Wednesday at the request of the United States and is scheduled to appear in court again today, as first reported by Bloomberg and confirmed by 404 Media.
“Following a demand by the United States, Alexander Moucka (a.k.a. Connor Moucka) was apprehended on a provisional arrest warrant on Wednesday October 30, 2024,” Ian McLeod, a representative for Canada's Department of Justice, told BleepingComputer on Tuesday.
“He appeared in court later that afternoon and his case was adjourned to Tuesday November 5, 2024. As extradition demands are considered personal state-to-state interactions, we cannot comment further on this case.”
A joint investigation by Snowflake, Mandiant, and CrowdStrike found that an attacker (tracked at the time as UNC5537) used customer credentials stolen with infostealer malware to target at least 165 organizations that had failed to set up multi-factor authentication (MFA) protection on their Snowflake accounts.
Snowflake attack flow (Mandiant)
That is just a small fraction of Snowflake's 9,400 customers, a list that includes some of the largest companies worldwide, such as Mastercard, Micron, NBC Universal, Capital One, Adobe, AT&T, Kraft Heinz, Doordash, HP, Okta, PepsiCo, Siemens, United States Foods, Western Union, Yamaha, and many others.
Data breaches linked to these attacks, which began in April 2024, have affected many millions of people using the services of AT&T, Ticketmaster, Santander, Pure Storage, Advance Auto Parts, Los Angeles Unified, QuoteWizard/LendingTree, and Neiman Marcus.
In late May, Ticketmaster confirmed that data was stolen from its Snowflake account after a threat actor called ShinyHunters began selling the data of 560 million Ticketmaster customers.
In July, AT&T also warned of a massive data breach after threat actors stole the call logs of roughly 109 million customers (nearly all of its mobile customers) from an online database on the company's Snowflake account between April 14 and April 25, 2024.
Snowflake has since announced that it will enforce multi-factor authentication (MFA) for accounts created starting in October 2024 and require that all passwords be at least 14 characters long.