TechRadar

Snowflake hacker arrested over data breach and extortion


  • Canadian man arrested in connection with Snowflake data breach
  • The breach affected hundreds of millions of customers
  • This was likely a 'credential stuffing' attack

Canadian authorities have confirmed that an arrest has been made in connection with the significant breach of Snowflake earlier in 2024.

Alexander ‘Connor’ Moucka (aka Waifu and Judische) was taken into custody on October 30 following a request by US law enforcement, and is now due to appear in court. The exact nature of the charges is unknown, as extradition requests are considered confidential state-to-state communications, so both nations declined to comment.

Security firm Mandiant recently confirmed it was still monitoring ‘Judische’, who was still actively targeting software-as-a-service (SaaS) organizations up until very recently. The group behind the original attack is said to be primarily from North America, with one member also in Turkey.

Extortion and data theft

Around 165 organizations had their sensitive data stolen in the attack, which used brute force tactics on the cloud storage provider to breach a series of organizations and extort as much as $3 million from them in total.

Snowflake claimed the breach was a result of a credential stuffing attack and did not originate inside its infrastructure. This suggests the attackers purchased login combinations (usually on the dark web) and essentially just tried countless logins until they found one that worked.

The attacks affected millions of people’s data, and breached companies including the likes of AT&T, Santander, and Live Nation Entertainment (Ticketmaster). Ticketmaster alone reported the loss of 500 million people’s data, making this one of the biggest data breaches in history.

Telecoms giant AT&T reportedly paid $370,000 for a member of the hacking team earlier in 2024 to provide evidence that they had deleted the stolen call records for tens of millions of customers.

Via Bloomberg
