Pure Storage reports data breach caused by Snowflake account hack
Learn More
Pure Storage, a cloud storage systems provider, reported a data breach resulting from the unauthorized access of its Snowflake workspace, where attackers obtained telemetry information.
The exposed data includes:
- customer names,
- usernames,
- email addresses.
The number of affected individuals and companies customers of Pure Storage is not disclosed.
The breach is part of a larger wave of Snowflake attacks linked to a financially motivated threat actor tracked as UNC5537 by Mandiant.
Pure Storage claims that no evidence suggests malicious activity in other parts of its customer infrastructure. The company has contacted affected customers, who similarly reported no unusual activity targeting their systems.
The attackers gained access using stolen customer credentials, primarily targeting accounts lacking multi-factor authentication (MFA).
Snowflake, in collaboration with Mandiant and CrowdStrike, has advised customers to:
- Enable multi-factor authentication.
- Regularly update and rotate credentials.
- Implement network allow lists to restrict access to trusted locations.
