Canadian authorities have arrested a person suspected of getting stolen the information of lots of of thousands and thousands after concentrating on over 165 organizations, all of them clients of cloud storage firm Snowflake.
In keeping with Canada’s Division of Justice, Alexander “Connor” Moucka (aka “Waifu” and “Judische”) was taken into custody on Wednesday on the request of the USA and is scheduled to seem in courtroom once more right now, as first reported by Bloomberg and confirmed by 404 Media.
“Following a request by the United States, Alexander Moucka (a.k.a. Connor Moucka) was arrested on a provisional arrest warrant on Wednesday October 30, 2024,” Ian McLeod, a spokesperson for Canada’s Division of Justice, instructed BleepingComputer on Tuesday.
“He appeared in court later that afternoon and his case was adjourned to Tuesday November 5, 2024. As extradition requests are considered confidential state-to-state communications, we cannot comment further on this case.”
A joint investigation by SnowFlake, Mandiant, and CrowdStrike discovered that an attacker (tracked on the time as UNC5537) used buyer credentials stolen utilizing infostealer malware to focus on at the least 165 organizations that did not configure multi-factor authentication (MFA) safety on their SnowFlake accounts.
That’s only a tiny a part of the 9,400 Snowflake clients, with the whole checklist together with among the largest firms worldwide, similar to Mastercard, Micron, NBC Common, Capital One, Adobe, AT&T, Kraft Heinz, Doordash, HP, Okta, PepsiCo, Siemens, US Meals, Western Union, Yamaha, and plenty of others.
Knowledge breaches linked to those assaults, which began in April 2024, have affected lots of of thousands and thousands of people utilizing the companies of AT&T, Ticketmaster, Santander, Pure Storage, Advance Auto Elements, Los Angeles Unified, QuoteWizard/LendingTree, and Neiman Marcus.
In late Might, Ticketmaster confirmed that information was stolen from its Snowflake account after a risk actor often called ShinyHunters started the information of 560 million Ticketmaster clients.
In July, AT&T additionally warned of a large information breach after risk actors stole the decision logs of roughly 109 million clients (almost all of its cellular clients) from a web-based database on the corporate’s Snowflake account between April 14 and April 25, 2024.
Snowflake has since introduced that it’s going to implement multi-factor authentication (MFA) for accounts created beginning in October 2024 and require that each one passwords be at the least 14 characters lengthy.
