Snowflake 2024 Breaches: 165+ Organizations Compromised via Stolen Credentials
Attackers used credentials stolen by infostealer malware to access 165+ Snowflake customer environments lacking MFA.
Unlock Full Privacy Intelligence
Get deep-dive reports on every company that touches your data. SeekerPro members see breach timelines, DSAR success rate...
Learn MoreAudit Your Site Free
Run a full privacy and compliance audit on any website in 60 seconds. NexusBro scans cookie consent, tracker behavior, a...
Learn MoreAutomate Privacy Compliance
Stop wasting hours on manual DSAR filings and cookie consent management. BliniBot handles the busywork so your team can ...
Learn MoreData Types Exposed
Response Timeline
April 2024: Threat actors begin accessing accounts
June 2024: Mandiant reports 165+ organizations affected
June-July 2024: Individual company disclosures
November 2024: Alexander Moucka arrested
Detailed Analysis
The Snowflake incident was a campaign targeting customers who had not enabled multi-factor authentication. Major victims included AT&T (110 million call records), Ticketmaster (560 million customers), Santander (30 million customers).
The breach at Snowflake Customers exposed Hundreds of millions across all companies records through stolen credentials from infostealer malware used to access snowflake accounts lacking mfa. Hundreds of millions across AT&T, Ticketmaster, Santander, and 160+ others The incident highlights the ongoing challenges organizations face in protecting sensitive user data against increasingly sophisticated attack vectors. Security researchers have noted that breaches of this magnitude often result from a combination of technical vulnerabilities and organizational failures in security practices.
Current status: 165+ companies affected; one suspect arrested; Snowflake mandated MFA. Affected users should take immediate steps to protect their accounts, including changing passwords, enabling multi-factor authentication, and monitoring financial accounts for unauthorized activity. Filing a DSAR with Snowflake Customers can help you understand what data was exposed and request its deletion.
What To Do If Affected
- Change your password immediately on this service and any accounts using the same password
- Enable two-factor authentication on all critical accounts
- Monitor your credit reports for unauthorized activity
- Consider placing a credit freeze with major bureaus
- File a complaint with your local data protection authority
Protect Your Data Across Every Platform
Tools trusted by thousands of privacy-conscious users worldwide
No card charged today. Cancel anytime.
Frequently Asked Questions
How many records were affected in the Snowflake Customers breach?
The Snowflake Customers data breach affected Hundreds of millions across all companies records. Data types exposed include: varies by company — customer records, financial data, call records, health data.
What should I do if I was affected by the Snowflake Customers breach?
If you were affected, change your passwords immediately, enable two-factor authentication, monitor your credit reports, and consider placing a credit freeze. You can also submit a DSAR to Snowflake Customers requesting deletion of your data.
Is there compensation for Snowflake Customers breach victims?
165+ companies affected; one suspect arrested; Snowflake mandated MFA Check if a class action settlement exists and whether you are eligible to file a claim.