It’s the first time that the number of affected Snowflake customers has been disclosed since the account hacks began in April.
So far, only Ticketmaster and LendingTree have confirmed data thefts where their stolen data was hosted on Snowflake.
Several other Snowflake customers say they are currently investigating possible data thefts from their Snowflake environments.
Mandiant said the threat campaign is “ongoing,” suggesting the number of Snowflake corporate customers reporting data thefts may rise.
Last week, TechCrunch found circulating online hundreds of Snowflake customer credentials stolen by malware that infected the computers of staffers who have access to their employer’s Snowflake environment.
U.S. cybersecurity agency CISA has confirmed that Russian government-backed hackers stole emails from several U.S. federal agencies as a result of an ongoing cyberattack at Microsoft.
“Midnight Blizzard’s successful compromise of Microsoft corporate email accounts and the exfiltration of correspondence between agencies and Microsoft presents a grave and unacceptable risk to agencies,” said CISA.
CISA made details of the emergency directive public on Thursday after giving affected federal agencies a week to reset passwords and secure affected systems.
CISA did not name the affected federal agencies that had emails stolen, and a spokesperson for CISA did not immediately comment when reached by TechCrunch.
The emergency directive comes as Microsoft faces increasing scrutiny of its security practices after a spate of intrusions by hackers of adversarial nations.
U.S. consulting firm Greylock McKinnon Associates disclosed a data breach in which hackers stole as many as 341,650 Social Security numbers.
The data breach was disclosed on Friday on Maine’s government website, where the state posts data breach notifications.
A spokesperson for the Justice Department did not respond to a request for comment.
We received confirmation of which individuals’ information was affected and obtained their contact addresses on February 7, 2024,” the firm wrote.
GMA told victims that “your personal and Medicare information was likely affected in this incident,” which includes names, dates of birth, home address, some medical information and health insurance information, and Medicare claim numbers, which included Social Security Numbers.
VF Corp., the parent company of the popular apparel brands Vans, Supreme, and The North Face, said Thursday that hackers stole the personal data of 35.5 million customers in a December cyberattack.
The Denver, Colorado-based company reported the data breach to regulators in a filing on Thursday.
The filing did not say specifically what kinds of personal data was taken, or if the company yet knows what was stolen.
VF Corp. spokesperson Colin Wheeler did not respond to an email from TechCrunch requesting more information.
VF Corp. previously said the hackers disrupted its operations “by encrypting some IT systems,” implying a ransomware attack.
Real estate services giant Fidelity National Financial has confirmed hackers stole data on 1.3 million of its customers during a November cyberattack that knocked the company offline for a week.
FNF spokesperson Lisa Foxworthy-Parker did not respond to TechCrunch’s email requesting further details.
FNF said it “contained” the cyberattack on November 26 following a week-long outage that virtually froze all of the company and much of its subsidiaries’ operations.
One of FNF’s subsidiaries described the incident as a “catastrophe” in an automated message for customers.
FNF was one of several corporate victims of cyberattacks in recent weeks targeting the mortgage and loan industry, including LoanDepot and Mr. Cooper.
Comcast has confirmed that hackers exploiting a critical-rated security vulnerability accessed the sensitive information of almost 36 million Xfinity customers.
Hackers have used the CitrixBleed vulnerability to hack into big-name victims, including aerospace giant Boeing, the Industrial and Commercial Bank of China, and international law firm Allen & Overy.
The notice doesn’t say how many Xfinity customers have been impacted, and Comcast spokesperson Joel Shadle declined to say when asked by TechCrunch.
In a filing with Maine’s attorney general, Comcast confirmed that almost 35.8 million customers are affected by the breach.
Comcast’s latest earnings report shows the company has over 32 million broadband customers, suggesting this breach has impacted most, if not all Xfinity customers.
Hackers stole the sensitive personal information of more than 14.6 million Mr. Cooper customers, the mortgage and loan giant has confirmed.
In a filing with Maine’s attorney general’s office, Mr. Cooper said the hackers stole customer names, addresses, dates of birth, phone numbers, as well as customer Social Security numbers and bank account numbers.
Mr. Cooper previously said that customer banking information was stored by a third-party company and believed to be unaffected.
Mr. Cooper said in its data breach notification letter to affected victims that the stolen data includes personal information on those whose mortgage was previously acquired or serviced by the company when it was known as Nationstar Mortgage, prior to its rebranding as Mr. Cooper.
Do you work at Mr. Cooper and know more about the cyberattack?
According to Western Digital, data was stolen from its systems during a “network security incident.” Investigators are still trying to determine the extent of the damage caused by the attack,…
CircleCi, a software provider popular among developers and engineers, reported a data breach last month which resulted in stolen customer data. The company on Friday revealed that an intruder accessed…
Phishing is a frequent tactic of attackers, causing breaches at Twilio, DoorDash and Bed Bath & Beyond. The Guardian alerted its U.K. staff that their sensitive personal information had been…
