Security update - Snowflake notification of data theft - July 17, 2024

In June 2024, Mandiant identified a threat campaign targeting Snowflake customer databases, with the intent of data theft and extortion.

Investigation findings

Mandiant's investigation revealed no evidence of unauthorized access originating from a breach within Snowflake's enterprise environment. All incidents were traced back to compromised customer credentials, not from Snowflake's systems.

Potential impact

Unauthorized access to Catalyst's Snowflake database.

Actions taken

  1. Password Alteration: We have reset users passwords to enhance security.
  2. Two-Factor Authentication (2FA): We have enabled 2FA for an additional layer of protection.
  3. Log Review: We conducted a comprehensive scan of the last 5 months' logs to detect any unauthorized access attempts.

Results

After a thorough review of Snowflake's logs, no unauthorized access was identified over the past 5 months.

Conclusion

The probability of Catalyst being targeted by unauthorized users is low. Implementing password changes and 2FA has further minimized this risk. Our customers' data's security is our top priority, and we are committed to maintaining robust measures to protect your information.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request