Snowflake Planning Switch To Default MFA Amid Attacks: Report

The change reportedly could be disclosed soon as the company’s optional multifactor authentication has come under scrutiny.

Snowflake reportedly plans to switch over to having MFA turned on by default for users of its cloud data platform, amid a number of data theft attacks linked to compromised Snowflake accounts.

CEO Sridhar Ramaswamy (pictured) told Runtime that it’s now become clear that the company needs to act after several major breaches have been blamed on Snowflake accounts that were only secured with a password.

[Related: Snowflake Data Cloud Summit 2024: The Biggest News]

The attacks against Ticketmaster and Santander Bank—and reportedly Advance Auto Parts, as well—have brought scrutiny to Snowflake’s policy of optional MFA.

Snowflake documentation posted online shows that “at this time, users are not automatically enrolled in MFA.”

“To use MFA, users must enroll themselves,” the Snowflake online documentation reads.

While average users are notoriously averse to MFA, this sort of policy would seem to signal to malicious actors that Snowflake users are potentially vulnerable to being compromised with simply a username and password.

To that end, TechCrunch reported that it has viewed more than 500 stolen credentials posted online, containing usernames, passwords and URLs of the Snowflake login pages.

Speaking with Runtime, Ramaswamy said that the switch to default MFA will be rolled out soon.

In response to an inquiry from CRN, Snowflake pointed to an online statement updated Friday, which indicates the company is “developing a plan to require our customers to implement advanced security controls, like multi-factor authentication (MFA) or network policies, especially for privileged Snowflake customer accounts.”