Why must it be a hectic data breach week just as I am grappling with time zone disorientation?! Returning home from Europe coincided with the commencement of several breaches originating from Snowflake, creating chaos. There is a substantial amount of data to examine, numerous media queries, and extensive conversations with affected individuals, breached organizations, incident response professionals, and law enforcement authorities. This circumstance is causing widespread disorder and it seems like there’s more to come, with only a fraction of the data from the purported 165 affected organizations surfacing online thus far. Another intriguing week appears to lie ahead.

Listen on Apple Podcasts
Get it on Google Play
Download via RSS

References

  1. Supported by: Push Security. Combat identity attacks with a browser-based agent that detects and prohibits account takeover attempts. Try for free now.
  2. Entrust has forfeited their trust (within that tweet thread is a search to all my prior mentions of Entrust, including some very questionable “security” assertions)
  3. The Snowflake scenario is becoming one of the most substantial security incidents in recent history (165 distinct affected companies, billions of records and terabytes of data, ransom demands, and further data likely to leak)
  4. The Ticketek data from the Snowflake situation was transmitted to me this week (hey, I’m involved in yet another breach!)
  5. The Neiman Marcus data – also from Snowflake – was publicly disclosed (they report 64k individuals impacted, but the data indicates it’s in the tens of millions)
  6. In anticipation of the situation escalating towards the week’s end, I penned an article on the state of data breaches whilst onboard an aircraft earlier in the week (considering the feedback this received, I am preparing a follow-up in the next few days)
Weekly status