КућаБезбедносне операцијеCanadian authorities apprehend hacker linked to Snowflake breach

Canadian authorities apprehend hacker linked to Snowflake breach

Објављено на

spot_img

The Snowflake data breach, which compromised sensitive information belonging to several high-profile companies, has taken a significant turn with the recent arrest of a 26-year-old man from Ontario, Canada. Alexander “Connor” Moucka was detained by Canadian authorities on October 30th, following a provisional arrest warrant from the United States. He was apprehended in Kitchener, a city located about 65 miles west of Toronto.

Although Moucka appeared in court, the specific charges against him have not been disclosed. Ian McLeod, a spokesperson for Canada’s Department of Justice, refrained from providing further details on the case due to the confidentiality of extradition requests.

Cybersecurity researchers have identified Moucka as a key player in the operation, connecting him to various online aliases such as “Judische” and “Waifu”. He is believed to have collaborated with another hacker, John Binns, in the attack on AT&T, which led to the exposure of personal data belonging to nearly all AT&T customers for a six-month period in 2022. Binns, who was previously indicted for an attack on T-Mobile, was arrested by Turkish authorities and is currently in custody.

The Snowflake data breach, which occurred between April and July of this year, affected numerous high-profile companies, including AT&T, Ticketmaster, and Santander. The hackers exploited weak security measures, such as the absence of multifactor authentication, to target customer accounts using stolen login credentials. It is estimated that over 165 organizations were impacted by the cyberattack.

To pressure their victims, the hackers threatened to sell the stolen data on the dark web. In July, AT&T disclosed a breach that exposed phone records for the majority of its customers, covering a six-month period from May to October 2022. The compromised data included phone numbers, call and text logs, as well as some location data associated with cell phone usage.

The breach was linked to AT&T’s use of the Snowflake platform, which revealed in May that a significant cyberattack had compromised customer data across multiple clients. An investigation by Mandiant revealed that attackers had exploited stolen login credentials to access Snowflake accounts, some of which had been compromised as early as 2020 through malware.

In a separate incident, the hacking group ShinyHunters claimed responsibility for stealing personal information belonging to millions of Santander bank customers and employees, as well as hacking 560 million customer accounts at Ticketmaster. The compromised data included full names, addresses, phone numbers, email addresses, ticket purchase histories, and partial payment details.

Snowflake, a cloud data platform serving numerous customers, including major companies like Adobe, Capital One, and PepsiCo, denied any security vulnerabilities within its platform. The company attributed the breaches to weak security on customer accounts rather than flaws in its own system, emphasizing the importance of robust security measures to prevent future breaches.

Извор линк

Најновији чланци

Meta Eases AI Regulations for US Military Utilization

Meta, the parent company of social media giant Facebook, has recently made a significant...

ENISA to host 9th eHealth security conference addressing cybersecurity challenges in healthcare sector

The 9th eHealth Security Conference, co-hosted by the European Union Agency for Cybersecurity (ENISA),...

UK Cybersecurity Salaries Increase Beyond Inflation as Stress Levels Increase

According to the Chartered Institute of Information Security (CIISec), cybersecurity professionals in the UK...

Evidence suggests hackers did not breach company data

Nokia, a leading telecommunications company, is currently investigating a potential cyberattack that has raised...

Више овако

Meta Eases AI Regulations for US Military Utilization

Meta, the parent company of social media giant Facebook, has recently made a significant...

ENISA to host 9th eHealth security conference addressing cybersecurity challenges in healthcare sector

The 9th eHealth Security Conference, co-hosted by the European Union Agency for Cybersecurity (ENISA),...

UK Cybersecurity Salaries Increase Beyond Inflation as Stress Levels Increase

According to the Chartered Institute of Information Security (CIISec), cybersecurity professionals in the UK...
sr_RSSerbian