Why must it be a tumultuous data breach week just as I battle with timezone fatigue? I returned from Europe only to find a series of breaches sourced from Snowflake being publicly disclosed, causing quite a commotion. There’s a plethora of data to scrutinize, numerous media inquiries, and extensive discussions with affected individuals, breached organizations, incident response teams, and law enforcement authorities. This predicament is creating utter chaos, and I anticipate that there is more to unfold, with only a fraction of the data from the estimated 165 affected organizations surfacing online thus far. It seems like another intriguing week awaits.
Sources
- Supported by: Push Security. Prevent identity attacks with a browser-based agent that identifies and halts account takeover. Test it out for free now.
- Entrust is losing trust (the tweet thread contains references to all previous mentions of Entrust, including some highly questionable “security” assertions)
- The Snowflake dilemma is evolving into one of the most remarkable security incidents in recollection (165 distinct affected companies, billions of records and terabytes of data, ransom requests, and much more data likely to be exposed)
- The Ticketek data from the Snowflake scenario was sent to me this week (hey, I’m in yet another breach!)
- The Neiman Marcus data – also originating from Snowflake – was publicly revealed (they claim 64k individuals were affected, yet the data points to tens of millions)
- Anticipating things getting slightly chaotic towards the week’s end, I penned an article on the state of data breaches while on a flight earlier in the week (given the reception it received, I’m planning a continuation in the next couple of days)
About Author
