Snowflake hacker arrested over data breach and extortion

Canadian man arrested in connection with Snowflake data breach
The breach affected hundreds of millions of customers
This was likely a ‘credential stuffing’ attack

Canadian authorities have confirmed that an arrest has been made in connection with the significant breach of Snowflake earlier in 2024.

Alexander ‘Connor’ Moucka (aka Waifu and Judische) was taken into custody on October 30 following a request by US law enforcement, and is now due to appear in court. The exact nature of the charges is unknown, as extradition requests are considered confidential state-to-state communications, so both nations declined to comment.

Security firm Mandiant recently confirmed it was still monitoring ‘Judische’, who was still actively targeting software-as-a-service (SaaS) organizations up until very recently. The group behind the original attack is said to be primarily from North America, with one member also in Turkey.

Extortion and data theft

Around 165 organizations had their sensitive data stolen in the attack, which used brute force tactics on the cloud storage provider to breach a series of organizations and extort as much as $3 million from them in total.

Snowflake claimed the breach was a result of a credential stuffing attack and did not originate inside its infrastructure. This suggests the attackers purchased login combinations (usually on the dark web) and essentially just tried countless logins until they found one that worked.

The attacks affected millions of people’s data, and breached companies including the likes of AT&T, Santander, and Live Nation Entertainment (Ticketmaster). Ticketmaster alone reported the loss of 500 million people’s data, making this one of the biggest data breaches in history.

Telecoms giant AT&T reportedly paid a member of the hacking team $370,000 earlier in 2024 to provide evidence that they had deleted the stolen call records of tens of millions of customers.

Via Bloomberg
