{"id":56391,"date":"2024-06-24T12:36:54","date_gmt":"2024-06-24T12:36:54","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/36025\/Snowflake-Breach-Snowballs-With-More-Victims.html"},"modified":"2024-06-24T12:36:54","modified_gmt":"2024-06-24T12:36:54","slug":"snowflake-breach-snowballs-with-more-victims","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/","title":{"rendered":"Snowflake Breach Snowballs With More Victims"},"content":{"rendered":"<p><span class=\"label\">Infosec in brief<\/span> The descending ball of trouble over at Snowflake keeps growing larger, with more victims \u2013 and even one of the alleged intruders \u2013 coming forward last week.<\/p>\n<p>We know the list of Snowflake victims is long \u2013 at least 165 targets were caught up in the security failure, threat hunters at Mandiant <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/06\/11\/crims_targeting_snowflake_customers\/\" rel=\"noopener\">reported<\/a> recently \u2013 including, <a target=\"_blank\" href=\"https:\/\/x.com\/BrettCallow\/status\/1803812470731014334\" rel=\"nofollow noopener\">it&#8217;s<\/a> <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/x.com\/H4ckManac\/status\/1803666827047764058\">believed<\/a> after news broke this week, Australian ticketing provider Ticketek. According to local news sources, Tiketek has <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.9news.com.au\/national\/ticketek-cyber-incident-teg-statement\/5ae92e76-951f-43be-9ffe-efaf5e5a4e7e\">contacted<\/a> customers about an incident that exposed their names, birthdates and email addresses \u2013 but hasn&#8217;t specified whether it attributes the incident to the Snowflake breach.<\/p>\n<p>Ticketmaster, another major <span class=\"strike\">price gouging<\/span> ticketing firm based in the US, was <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/05\/29\/breachforums_ticketmaster_data\/\" rel=\"noopener\">one of the first<\/a> <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/05\/31\/snowflake_breach_report\/\" rel=\"noopener\">identified<\/a> victims. US car part retailer Advance Auto Parts was also believed to be a Snowflake victim, which the company <a target=\"_blank\" href=\"https:\/\/www.sec.gov\/Archives\/edgar\/data\/1158449\/000115844924000162\/aap-20240523.htm\" rel=\"nofollow noopener\">confirmed<\/a> last week in a filing with the US Securities and Exchange Commission.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Advance Auto Parts said employee and applicant data, including social security numbers and other government identification infomation, were stolen during the breach.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Most interestingly, a hacker claiming to have been involved in the Snowflake breach <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.wired.com\/story\/epam-snowflake-ticketmaster-breach-shinyhunters\/\">told<\/a> Wired that they and the rest of the ShinyHunters crew obtained access to Snowflake systems by first compromising third parties with which Snowflake did business.<\/p>\n<p>Snowflake has continued to maintain that its systems were not directly penetrated by the cyber criminals \u2013 which appears to have been substantiated by the self-reported ShinyHunters member.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>ShinyHunters, which recently took control of the notorious BreachForums cyber crime website, said that one of the contractors it broke into was US-based <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/03\/11\/ukraines_war_developers\/\" rel=\"noopener\">EPAM Systems<\/a>, a software engineering firm and Snowflake elite <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.epam.com\/services\/partners\/snowflake\">partner<\/a>. The developer has denied its systems were compromised as part of the Snowflake incident.<\/p>\n<p>Snowflake has said that it believes the threat actors who compromised its systems were relying on finding customers who hadn&#8217;t enabled multifactor authentication, and is <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/06\/10\/security_in_brief\/\" rel=\"noopener\">currently<\/a> in the process of requiring all customers implement MFA and other security controls.<\/p>\n<h3 class=\"crosshead\">Will CDK cave to ransomware attack?<\/h3>\n<p>Car dealerships across the US are still <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/06\/20\/cdk_global_offline\/\" rel=\"noopener\">without access<\/a> to order management and registration software from software house CDK, and it looks like the afflicted biz may be ready to pay up.<\/p>\n<p>Accord to a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.bloomberg.com\/news\/articles\/2024-06-21\/cdk-hackers-want-millions-in-ransom-to-end-car-dealership-outage\">report<\/a>, the extortionist behind the crippling of CDK&#8217;s systems is asking millions for the keys to fix the afflicted servers and claim CDK is negotiating but willing to pay up. With sales of new cars stalling because of the catastrophe \u2013 and the share price of CDK&#8217;s owners Brookfield Business Partners down over five percent \u2013 it&#8217;s not a stretch to believe CDK might pay to make this problem go away.<\/p>\n<p>CDK has an estimated 15,000 dealerships on its books in North America, and they are currently either unable to perform some business processes or reverting to paper and pencil where possible. While it&#8217;s tempting to just pay up, the corp would be funding criminals who will, most likely, reinvest the proceeds and look to attack others.<\/p>\n<div class=\"boxout\" readability=\"13.270973963356\">\n<h3 class=\"crosshead\">Critical vulnerabilities of the week: Check your Junipers<\/h3>\n<p>We start this week with a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/supportportal.juniper.net\/s\/article\/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP8-IF03?language=en_US\">security update<\/a> for Juniper Secure Analytics that ought to be installed ASAP. Of the laundry list of issues fixed, several are critical \u2013 including five rated a 9.8 out of ten on the CVSS 3.1 scale.<\/p>\n<p>Those include a use-after-free issue that could lead to DoS, RCE or info disclosure &#8220;by providing a crafted regular expression&#8221; and out-of-bounds read via crafted USB device traffic.<\/p>\n<p>Elsewhere:<\/p>\n<ul>\n<li>CVSS 9.3 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-172-02\">CVE-2023-3643<\/a>: CAREL Boss-Mini local supervisor solution contains a path traversal bug that could be used to manipulate argument paths and disclose information.<\/li>\n<li>CVSS 8.7 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-172-03\">Multiple CVEs<\/a>: Westermo L210-F2G industrial ethernet switches are transmitting plain text credentials and session IDs. They\u2019re also vulnerable to a denial of service triggered by too many incoming packets.<\/li>\n<li>CVSS 8.7 \u2013 <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-24-170-01\">CVE-2019-6268<\/a>: RAD Data Communications SecFlow-2 devices are vulnerable to path traversal, allowing an attacker to steal files using special requests.<\/li>\n<\/ul>\n<\/div>\n<h3 class=\"crosshead\">IntelBroker leaks alleged stolen Apple tools<\/h3>\n<p>Criminals selling data allegedly stolen from high profile orgs like Europol and the Pentagon have a new high-value offering available: alleged internal tools used by Apple that security researchers claim are actually anything but.<\/p>\n<p><a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/x.com\/DarkWebInformer\/status\/1803196314441920767\">News<\/a> of the sale by IntelBroker \u2013 which is believed to act as a middleman for other cyber criminal gangs \u2013 was revealed last week. IT services firm AHCTS <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/ahcts.co\/technical-analysis-of-apple-internal-source-code-leak\/\">purchased<\/a> the data, finding that &#8220;contrary to initial publications, the leaked data does not include internal Apple tools.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Instead, the data AHCTS was sold included custom integrations for connecting Apple authentication systems to Jira and Confluence for SSO within Apple&#8217;s own network \u2013 valuable, sure, but nothing as serious as internal Apple tools.<\/p>\n<p>&#8220;The leak of the custom plugins developed for Apple&#8217;s internal Confluence and Jira instances poses significant cyber security risks, but there is not an actively exploitable threat within the source code,&#8221; AHCTS explained. Additionally, &#8220;the source code does not include any tools which impact Apple end-user products or services.&#8221;<\/p>\n<h3 class=\"crosshead\">Five guys convicted of running illegal streaming site that pirated pirates<\/h3>\n<p>A quintet of American men have been found guilty of criminal copyright infringement for their parts in running illegal streaming site Jetflicks, which reportedly earned them millions.<\/p>\n<p>According to the Department of Justice, the Jetflicks crew operated since 2007 and acquired a massive library of television episodes &#8220;larger than the combined catalogs of Netflix, Hulu, Vudu, and Amazon Prime,&#8221; by developing &#8220;sophisticated computer scripts and software to scour pirate websites for illegal copies of television episodes, which they then downloaded and hosted on Jetflicks.&#8221;<\/p>\n<p>FBI Washington field office assistant director in charge, David Sundberg, added that when Jetflicks received copyright complaints it &#8220;tried to disguise Jetflicks as an aviation entertainment company&#8221; instead of facing its accusers.<\/p>\n<p>Four of the five men involved face up to five years in prison, while the reported ringleader, Kristopher Dallman, faces up to 48. Dallman was found guilty of two counts of money laundering by concealment and three additional counts of misdemeanor criminal copyright infringement. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/36025\/Snowflake-Breach-Snowballs-With-More-Victims.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[1019],"class_list":["post-56391","post","type-post","status-publish","format-standard","hentry","category-packet-storm","tag-headlinehackerdata-loss"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Snowflake Breach Snowballs With More Victims 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Snowflake Breach Snowballs With More Victims 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-24T12:36:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Snowflake Breach Snowballs With More Victims\",\"datePublished\":\"2024-06-24T12:36:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/\"},\"wordCount\":995,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"keywords\":[\"headline,hacker,data loss\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/\",\"name\":\"Snowflake Breach Snowballs With More Victims 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2024-06-24T12:36:54+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/snowflake-breach-snowballs-with-more-victims\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,data loss\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerdata-loss\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Snowflake Breach Snowballs With More Victims\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Snowflake Breach Snowballs With More Victims 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/","og_locale":"en_US","og_type":"article","og_title":"Snowflake Breach Snowballs With More Victims 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-06-24T12:36:54+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Snowflake Breach Snowballs With More Victims","datePublished":"2024-06-24T12:36:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/"},"wordCount":995,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","keywords":["headline,hacker,data loss"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/","url":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/","name":"Snowflake Breach Snowballs With More Victims 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2024-06-24T12:36:54+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZnmUAq9vFbsVuz5NPU6bqgAAAM4&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/snowflake-breach-snowballs-with-more-victims\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,data loss","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerdata-loss\/"},{"@type":"ListItem","position":3,"name":"Snowflake Breach Snowballs With More Victims"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56391","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=56391"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56391\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=56391"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=56391"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=56391"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}