Snowflake Data Breach: 165 Customer Accounts Compromised

By Luisa Martinez

Cybercriminal Group Compromises 165 Snowflake Customers

A cybercriminal group tracked as UNC5537 has recently compromised up to 165 customers of the cloud storage provider Snowflake. The breaches resulted from stolen login credentials obtained through information-stealing malware. Among the affected customers is QuoteWizard, a subsidiary of LendingTree. The company is investigating the extent of the data breach, and initial findings indicate that no consumer financial information has been impacted. The compromised accounts lacked multifactor authentication, a critical security measure that could have prevented the breaches.

Mandiant, the security firm enlisted by Snowflake, has identified UNC5537 as a financially motivated group primarily based in North America. The attackers have been found selling the stolen data on cybercriminal forums, and they exploited credentials that were often stolen years ago and never updated.

Key Takeaways

  • 165 Snowflake customers compromised by information-stealing malware.
  • QuoteWizard and Live Nation among affected companies.
  • Stolen data includes partial credit card numbers and customer details.
  • Compromises due to lack of multifactor authentication and outdated credentials.
  • UNC5537, a financially motivated group, responsible for the attacks.

Analysis

The compromise of 165 Snowflake customers, including QuoteWizard and Live Nation, underscores the vulnerability of cloud services without multifactor authentication. The use of outdated credentials by UNC5537, a North America-based cybercriminal group, emphasizes the critical need for regular security updates. Short-term impacts include data breaches and potential financial losses for affected companies, while long-term consequences may involve reputational damage and increased regulatory scrutiny. This incident could drive broader adoption of robust security protocols across the cloud storage industry, thereby enhancing overall cybersecurity standards.

Did You Know?

  • Snowflake: A cloud-based data warehousing platform designed to handle large-scale data storage and processing.
  • Multifactor Authentication (MFA): A security system that requires more than one method of authentication to verify the user's identity.
  • UNC5537: A threat actor designation used by cybersecurity firms to track specific cybercriminal groups.
