Snowflake shares fall after AT&T says hackers accessed data | Wilnesh News

snowflake The company has spent the past seven weeks dealing with the aftermath of a major cyberattack that compromised the sensitive customer data of several of its customers. The software company’s problems got worse.

telecom giant AT&T Hackers took advantage of a cloud platform that stores customer data and obtained users’ call and text message records for six months in 2022, it said in a regulatory filing on Friday. Number.

An AT&T spokesperson told CNBC that the cloud service is owned by Snowflake. Snowflake shares fell 1.8% on Friday, while the Nasdaq rose 0.6%.

This is the worst incident since Snowflake disclosed The breach, which occurred on May 30, wrote in a blog post at the time: “On May 23, 2024, we became aware that certain customer accounts may have been subject to unauthorized access.” Snowflake Gets Cyber ​​Security Software vendor assistance mass strike and alphabetical Order investigation.

Mandiant wrote in an article Blog article Last month, the company and Snowflake notified 165 “potentially exposed organizations” of the incident through the Victim Notification Program. Mandiant blamed the hack on a financially motivated group called UNC5537, which has members across North America and Turkey. UNC5537 exploits login credentials provided online after being individually stolen using malware.

Before Friday, the most prominent companies linked to the Snowflake breach were Advanced auto partsLendingTree, Ticketmaster operators live country and Santander, the bank said. mid maySnowflake’s disclosure follows “We recently became aware of unauthorized access to a Santander database hosted by a third-party provider.”

AT&T is bigger. The company had 242 million As of the end of last year, its wireless mobile service customers in the United States had reached 128 million units.

The carrier said the leaked data covers “nearly all AT&T wireless customers and MVNO customers” who use its wireless network.

“While the data does not include customer names, there are often ways to find names associated with specific phone numbers using publicly available online tools,” AT&T wrote. Attackers cannot access the content of calls or text messages.

A Snowflake spokesperson had no comment when asked about the AT&T hack. The spokesperson pointed to the company’s previous statement about the attack.

Mandiant said in its blog post that some malware infections in Snowflake systems date back to 2020, and that in some cases, credentials were still valid years after they were stolen. In some cases, the credentials were stolen onto computers used by contractors for Snowflake customers — devices that were also used for personal activities, including downloading pirated software.

Mandiant said the username and password were enough to allow UNC5537 to enter the customer’s Snowflake environment because they did not have multi-factor authentication turned on. From there, the hackers exported “a large amount of customer data.” Mandiant added that UNC5537 has since begun extorting victims and attempting to sell customer data online.

AT&T said Friday it did not expect the attack to have a significant impact on its finances.

But snowflakes have warn investors The company could face reputational damage and “significant liability” if it “experiences an actual or perceived security breach or otherwise gains access to our customer data, our materials or our platform by unauthorized parties.”

Earlier this week, Snowflake released Blog article Says administrators can force multi-factor authentication.

The deepening saga is an increasing challenge for former Google executive Sridhar Ramaswamy, who succeeded Frank Slootman in February. Snowflake CEO. Days before the hack was disclosed, Snowflake shares fell 5% after management lowered the company’s full-year adjusted operating income forecast.

Founded in 2012, Snowflake went public in 2020, raising more than $3 billion in funding, the largest initial public offering ever for a software company. Snowflake’s valuation has been sliding since its first-day surge that pushed its market value past $70 billion, with its shares closing at $134.73 on Friday, valuing it at about $45 billion.