Canadian authorities have arrested a person suspected of getting stolen the information of lots of of thousands and thousands after focusing on over 165 organizations, all of them clients of cloud storage firm Snowflake.
In line with Canada’s Division of Justice, Alexander “Connor” Moucka (aka “Waifu” and “Judische”) was taken into custody on Wednesday on the request of the USA and is scheduled to seem in court docket once more at this time, as first reported by Bloomberg and confirmed by 404 Media.
“Following a request by the USA, Alexander Moucka (a.ok.a. Connor Moucka) was arrested on a provisional arrest warrant on Wednesday October 30, 2024,” Ian McLeod, a spokesperson for Canada’s Division of Justice, instructed BleepingComputer on Tuesday.
“He appeared in court docket later that afternoon and his case was adjourned to Tuesday November 5, 2024. As extradition requests are thought of confidential state-to-state communications, we can not remark additional on this case.”
A joint investigation by SnowFlake, Mandiant, and CrowdStrike discovered that an attacker (tracked on the time as UNC5537) used buyer credentials stolen utilizing infostealer malware to focus on a minimum of 165 organizations that did not configure multi-factor authentication (MFA) safety on their SnowFlake accounts.
That’s only a tiny a part of the 9,400 Snowflake clients, with the entire checklist together with a few of the largest firms worldwide, similar to Mastercard, Micron, NBC Common, Capital One, Adobe, AT&T, Kraft Heinz, Doordash, HP, Okta, PepsiCo, Siemens, US Meals, Western Union, Yamaha, and lots of others.
Knowledge breaches linked to those assaults, which began in April 2024, have affected lots of of thousands and thousands of people utilizing the providers of AT&T, Ticketmaster, Santander, Pure Storage, Advance Auto Elements, Los Angeles Unified, QuoteWizard/LendingTree, and Neiman Marcus.
In late Could, Ticketmaster confirmed that information was stolen from its Snowflake account after a menace actor often known as ShinyHunters started the information of 560 million Ticketmaster clients.
In July, AT&T additionally warned of an enormous information breach after menace actors stole the decision logs of roughly 109 million clients (almost all of its cellular clients) from an internet database on the corporate’s Snowflake account between April 14 and April 25, 2024.
Snowflake has since introduced that it’ll implement multi-factor authentication (MFA) for accounts created beginning in October 2024 and require that every one passwords be a minimum of 14 characters lengthy.