Data Theft Impacts From Snowflake Attacks Continue To Expand: Reports

The fallout from the cyberattacks targeting Snowflake customers including Ticketmaster and Neiman Marcus Group is reportedly still growing.

The fallout from the cyberattacks targeting high-profile Snowflake customers is reportedly still growing, with an expanded impact claimed in two of the major incidents.

Separate reports have indicated that the theft of data from Ticketmaster and Neiman Marcus Group from the Snowflake attacks is yielding an increased risk of exposure for affected customers.

[Related: 10 Major Cyberattacks And Data Breaches In 2024 (So Far)]

CRN has reached out to Ticketmaster, Neiman Marcus Group and Snowflake for comment.

In June, widespread attacks targeting Snowflake customers led to a “significant” volume of data stolen and more than 100 customers known to be potentially impacted, according to researchers from Mandiant.

Neiman Marcus Group had been among the latest to join the list of victims of the Snowflake attacks. Troy Hunt, founder of the breach research site Have I Been Pwned, reportedly told BleepingComputer that email addresses belonging to more than 31 million customers of the retailer have been found to be exposed in the Snowflake-related attack.

Meanwhile, BleepingComputer separately reported that attackers leaked nearly 39,000 Ticketmaster print-at-home tickets as part of its extortion attempt against the company. The tickets are for 150 upcoming events, the site reported.

Other impacted companies in the Snowflake campaign have included Santander Bank, Pure Storage and Advance Auto Parts. The wave of data theft attacks are believed to be utilizing stolen passwords.

A cybercriminal group has been “suspected to have stolen a significant volume of records from Snowflake customer environments,” researchers at Mandiant said. Impacted accounts have not been configured with MFA (multifactor authentication), Mandiant researchers confirmed previously.

In a blog post Tuesday, Snowflake said it’s now possible for administrators to make MFA mandatory for users and to monitor for compliance. “To help drive MFA adoption, we’re taking steps to promote individual compliance for Snowflake users,” the company said in the post.