In June 2024, Mandiant identified a threat campaign targeting Snowflake customer databases, with the intent of data theft and extortion.
Investigation findings
Mandiant's investigation revealed no evidence of unauthorized access originating from a breach within Snowflake's enterprise environment. All incidents were traced back to compromised customer credentials, not from Snowflake's systems.
Potential impact
Unauthorized access to Catalyst's Snowflake database.
Actions taken
- Password Alteration: We have reset users passwords to enhance security.
- Two-Factor Authentication (2FA): We have enabled 2FA for an additional layer of protection.
- Log Review: We conducted a comprehensive scan of the last 5 months' logs to detect any unauthorized access attempts.
Results
After a thorough review of Snowflake's logs, no unauthorized access was identified over the past 5 months.
Conclusion
The probability of Catalyst being targeted by unauthorized users is low. Implementing password changes and 2FA has further minimized this risk. Our customers' data's security is our top priority, and we are committed to maintaining robust measures to protect your information.