U.S. cloud storage firm Snowflake has repudiated a now-removed Hudson Rock report linking the service provider to the attacks against Ticketmaster and Santander Bank, which the ShinyHunters threat operation claimed to have resulted in the collective compromise of data from nearly 600 million individuals, according to The Record, a news site by cybersecurity firm Recorded Future.
Hudson Rock reported attackers hacked Ticketmaster, Santander, and nearly 400 other companies by infiltrating a Snowflake employee's ServiceNow account but while Snowflake confirmed the breach of a demo account belonging to a former employee, the cloud storage provider rejected the inclusion of sensitive data within the account, as well as the presence of a system vulnerability.
"Research indicates that these types of attacks are performed with our customers’ user credentials that were exposed through unrelated cyber threat activity. To date, we do not believe this activity is caused by any vulnerability, misconfiguration, or malicious activity within the Snowflake product," said Snowflake.