Maintaining constant vigilance over your accounts can make all the difference when cyberattacks of this magnitude occur.
The cybersecurity landscape has taken a hit, with a series of attacks putting numerous users’ sensitive data at risk. The consequences of these violations are not yet entirely clear, but it is clear that the situation requires maximum attention from everyone, especially those who use cloud services.
Security experts are working tirelessly to understand the scope and implications of these attacks, but it is clear that the damage could be significant. In this context, it is essential to stay informed and take all necessary precautions to protect your personal and financial data.
Hacker attack on a major online service provider: the situation is more complex than expected
Recently, it emerged that the cloud storage provider Snowflakes was at the center of a large hacker attack, compromising the data of more than 165 customers. Among the companies affected, the names of stand out well-known companies, such as Ticketmaster and Santander (one of the most important Spanish banks).
Ticketmaster, for example, confirmed the record theft of 560 million data, a number that includes the names, addresses, phone numbers, and partial credit card numbers of its customers, later put up for sale on the dark web. The Spanish bank Santander also revealed that it had been the victim of the theft of confidential data of its account holders, offered on the same virtual market.
There is a detail in this story that should make us reflect on how important it is for users to act actively to protect their data: the compromised accounts were not configured with multifactor authentication, a security system that could have prevented the breach. All users, therefore, should equip themselves with this type of additional protection as soon as possible.
According to Mandiant’s investigations, the operation is attributed to a hacker group known as UNC5537, whose members are mainly located in North America. This group targets financial extortion and uses various aliases on Telegram to operate. Research revealed that the wave of breaches began as early as November 2020, with activity peaking last April.
Mandiant’s analysis showed that there was no mismanagement on Snowflake’s part, although cybersecurity expert Kevin Beaumont has harshly criticized the company’s authentication system. A document for strengthening the security of Snowflake environments has also been made available, useful for all customers of the service.
