Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.mobile.android > #142758 > unrolled thread

What's a Snowflake cloud account?

Back to article view | Back to comp.mobile.android

Contents

  What's a Snowflake cloud account? Mickey D <mickeydavis078XX@ptd.net> - 2024-07-14 19:42 -0400
    Re: What's a Snowflake cloud account? Andy Burns <usenet@andyburns.uk> - 2024-07-15 00:52 +0100
    Re: What's a Snowflake cloud account? Big Al <alan@invalid.com> - 2024-07-14 20:34 -0400
      Re: What's a Snowflake cloud account? Mickey D <mickeydavis078XX@ptd.net> - 2024-07-14 21:28 -0400
        Re: What's a Snowflake cloud account? Big Al <alan@invalid.com> - 2024-07-14 22:18 -0400
        Re: What's a Snowflake cloud account? Paul in Houston TX <Paul@Houston.Texas> - 2024-07-14 22:59 -0500
          Re: What's a Snowflake cloud account? VanguardLH <V@nguard.LH> - 2024-07-14 23:27 -0500
            Re: What's a Snowflake cloud account? Alan Browne <bitbucket@blackhole.com> - 2024-07-15 11:16 -0400
              Re: What's a Snowflake cloud account? Stan Brown <the_stan_brown@fastmail.fm> - 2024-07-15 13:25 -0700
                Re: What's a Snowflake cloud account? Alan Browne <bitbucket@blackhole.com> - 2024-07-15 20:06 -0400
              Re: What's a Snowflake cloud account? bad sector <forgetski@_INVALID.net> - 2024-07-19 05:36 -0400
    Re: What's a Snowflake cloud account? Arno Welzel <usenet@arnowelzel.de> - 2024-07-15 09:22 +0200
    Re: What's a Snowflake cloud account? Stan Brown <the_stan_brown@fastmail.fm> - 2024-07-15 13:22 -0700
      Re: What's a Snowflake cloud account? Your Name <YourName@YourISP.com> - 2024-07-16 08:59 +1200
      Re: What's a Snowflake cloud account? Char Jackson <none@none.invalid> - 2024-07-15 17:53 -0500
        Re: What's a Snowflake cloud account? Alan Browne <bitbucket@blackhole.com> - 2024-07-15 20:07 -0400
    Re: What's a Snowflake cloud account? bad sector <forgetski@_INVALID.net> - 2024-07-19 05:32 -0400

#142758 — What's a Snowflake cloud account?

https://www.wired.com/story/atandt-paid-hacker-300000-to-delete-stolen-call-records/
AT&T Paid a Hacker $370,000 to Delete Stolen Phone Records

US telecom giant AT&T, which disclosed Friday that hackers had stolen the 
call records for tens of millions of its customers, paid a member of the 
hacking team more than $300,000 to delete the data and provide a video 
demonstrating proof of deletion.

The hacker, who is part of the notorious ShinyHunters hacking group that 
has stolen data from a number of victims through unsecured Snowflake cloud 
storage accounts, tells WIRED that AT&T paid the ransom in May.

What's a Snowflake cloud account?

[toc] | [next] | [standalone]

#142759

Mickey D wrote:

> What's a Snowflake cloud account?

Note the capital "S"?

[toc] | [prev] | [next] | [standalone]

#142760

On 7/14/24 07:42 PM, Mickey D wrote:
> https://www.wired.com/story/atandt-paid-hacker-300000-to-delete-stolen-call-records/
> AT&T Paid a Hacker $370,000 to Delete Stolen Phone Records
> 
> US telecom giant AT&T, which disclosed Friday that hackers had stolen the
> call records for tens of millions of its customers, paid a member of the
> hacking team more than $300,000 to delete the data and provide a video
> demonstrating proof of deletion.
> 
> The hacker, who is part of the notorious ShinyHunters hacking group that
> has stolen data from a number of victims through unsecured Snowflake cloud
> storage accounts, tells WIRED that AT&T paid the ransom in May.
> 
> What's a Snowflake cloud account?
Does this help?
https://docs.snowflake.com/
-- 
Linux Mint 21.3, Cinnamon 6.0.4,  Kernel 5.15.0-113-generic
Al

[toc] | [prev] | [next] | [standalone]

#142761

On Sun, 14 Jul 2024 20:34:35 -0400, Big Al wrote:

>> What's a Snowflake cloud account?
> Does this help?
> https://docs.snowflake.com/

No. That doesn't help at all. What's that got to do with AT&T call records?

[toc] | [prev] | [next] | [standalone]

#142763

On 7/14/24 09:28 PM, Mickey D wrote:
> On Sun, 14 Jul 2024 20:34:35 -0400, Big Al wrote:
> 
>>> What's a Snowflake cloud account?
>> Does this help?
>> https://docs.snowflake.com/
> 
> No. That doesn't help at all. What's that got to do with AT&T call records?
Sorry, It was the first hit that looked like anything with substance.   I did read a bit and it 
sounded like a cloud based data system.   Of course I've never been sure where "cloud based" came 
from since we know nothing except dust and rain is in the cloud.

Seemed like Snowflake provides services for AT&T.  AFAICT.
-- 
Linux Mint 21.3, Cinnamon 6.0.4,  Kernel 5.15.0-113-generic
Al

[toc] | [prev] | [next] | [standalone]

#142764

Mickey D wrote:
> On Sun, 14 Jul 2024 20:34:35 -0400, Big Al wrote:
> 
>>> What's a Snowflake cloud account?
>> Does this help?
>> https://docs.snowflake.com/
> 
> No. That doesn't help at all. What's that got to do with AT&T call records?

The answer is about 1/2 way down in the Wired article.

[toc] | [prev] | [next] | [standalone]

#142765

Paul in Houston TX <Paul@Houston.Texas> wrote:

> Mickey D wrote:
>
>> Big Al wrote:
>> 
>>>> What's a Snowflake cloud account?
>>>
>>> Does this help?
>>> https://docs.snowflake.com/
>> 
>> No. That doesn't help at all. What's that got to do with AT&T call
>> records?
> 
> The answer is about 1/2 way down in the Wired article.

Yep, where it notes:

"After Reddington verified that the call logs were real, Binns allegedly
told Reddington that he had also obtained call and texting logs of
millions of other AT&T customers through a poorly secured cloud storage
account hosted by Snowflake."

"AT&T is one of more than 150 companies that are believed to have had
data stolen from poorly secured Snowflake accounts during a hacking
spree that unfolded throughout April and May."

As Big Al surmized, AT&T uses Snowflake services or accounts, and
Snowflake got hacked which exposed Snowflake's customers.  While AT&T,
and others, got targeted, the vulnerability appears to be with
Snowflake.  The data breach was Snowflake's fault.

Advance Auto Parts was another customer of Snowflake that got nailed due
to Snowflake accounts getting hacked.

https://www.securityweek.com/millions-impacted-by-breach-at-advance-auto-parts-linked-to-snowflake-incident/
"Starting mid-April, the attackers accessed Snowflake accounts that
lacked multi-factor authentication (MFA) protections and network allow
lists, and then attempted to extort the victim organizations by
threatening to leak the stolen data."

[toc] | [prev] | [next] | [standalone]

#142779

On 2024-07-15 00:27, VanguardLH wrote:

> https://www.securityweek.com/millions-impacted-by-breach-at-advance-auto-parts-linked-to-snowflake-incident/
> "Starting mid-April, the attackers accessed Snowflake accounts that
> lacked multi-factor authentication (MFA) protections and network allow
> lists, and then attempted to extort the victim organizations by
> threatening to leak the stolen data."

Article says:

<<< "On July 10, Advance Auto Parts disclosed to the Maine Attorney 
General’s Office that the personal information of 2,316,591 individuals 
was stolen from its Snowflake account and that it has started sending 
data breach notifications.

The compromised personal information, the company says, includes names, 
dates of birth, Social Security numbers, driver’s license numbers, and 
other government-issued identification numbers. >>>


Why does a parts vendor need birth date and SSNs, etc?



-- 
"It would be a measureless disaster if Russian barbarism overlaid
  the culture and independence of the ancient States of Europe."
Winston Churchill

[toc] | [prev] | [next] | [standalone]

#142791

On Mon, 15 Jul 2024 11:16:16 -0400, Alan Browne wrote:
> Why does a parts vendor need birth date and SSNs, etc?
> 

Applications for credit, possibly including layaway? (I'm not a 
customer, and have no idea if those guesses are plausible for the way 
they do business.) 

-- 
Stan Brown, Tehachapi, California, USA         https://BrownMath.com/
Shikata ga nai...

[toc] | [prev] | [next] | [standalone]

#142799

On 2024-07-15 16:25, Stan Brown wrote:
> On Mon, 15 Jul 2024 11:16:16 -0400, Alan Browne wrote:
>> Why does a parts vendor need birth date and SSNs, etc?
>>
> 
> Applications for credit, possibly including layaway? (I'm not a
> customer, and have no idea if those guesses are plausible for the way
> they do business.)

They're certainly plausible reasons.   OTOH, most people w/o money just 
pile it onto the credit card to leach away their money.

-- 
"It would be a measureless disaster if Russian barbarism overlaid
  the culture and independence of the ancient States of Europe."
Winston Churchill

[toc] | [prev] | [next] | [standalone]

#142896

On 7/15/24 11:16, Alan Browne wrote:
> On 2024-07-15 00:27, VanguardLH wrote:
> 
>> https://www.securityweek.com/millions-impacted-by-breach-at-advance-auto-parts-linked-to-snowflake-incident/
>> "Starting mid-April, the attackers accessed Snowflake accounts that
>> lacked multi-factor authentication (MFA) protections and network allow
>> lists, and then attempted to extort the victim organizations by
>> threatening to leak the stolen data."
> 
> Article says:
> 
> <<< "On July 10, Advance Auto Parts disclosed to the Maine Attorney 
> General’s Office that the personal information of 2,316,591 individuals 
> was stolen from its Snowflake account and that it has started sending 
> data breach notifications.
> 
> The compromised personal information, the company says, includes names, 
> dates of birth, Social Security numbers, driver’s license numbers, and 
> other government-issued identification numbers. >>>
> 
> 
> Why does a parts vendor need birth date and SSNs, etc?

(sorry, thunderbird is playing games with me this morning)


EXACTLY, why does every other shithole litte money-changing merchant or 
other in-betweener require (or have access to at all), such data???


-- 
Data-Denial is the name of the game. Other than friends, family or civil 
authority (and even for the latter only to the extent necessary for 
necessary identification), criminalize the storage of anyone else's 
personal data except momentarily in verifiably volatile fashion to 
complete a transaction. In the case of all identity abuse including the 
above avenues, make the contributing data source *criminally complicit* 
before the law regardless of the employed methods, privacy-policies or 
other similar double-speak parading as safeguards.
> 
> 
> 

[toc] | [prev] | [next] | [standalone]

#142768

Mickey D, 2024-07-15 01:42:

[...]
> The hacker, who is part of the notorious ShinyHunters hacking group that 
> has stolen data from a number of victims through unsecured Snowflake cloud 
> storage accounts, tells WIRED that AT&T paid the ransom in May.
> 
> What's a Snowflake cloud account?

<https://signup.snowflake.com>


-- 
Arno Welzel
https://arnowelzel.de

[toc] | [prev] | [next] | [standalone]

#142790

On Sun, 14 Jul 2024 19:42:14 -0400, Mickey D wrote:
> What's a Snowflake cloud account?
> 

Like any other cloud account, it's just someone else's computer.

-- 
Stan Brown, Tehachapi, California, USA         https://BrownMath.com/
Shikata ga nai...

[toc] | [prev] | [next] | [standalone]

#142792

On 2024-07-15 20:22:17 +0000, Stan Brown said:
> On Sun, 14 Jul 2024 19:42:14 -0400, Mickey D wrote:
>> 
>> What's a Snowflake cloud account?
> 
> Like any other cloud account, it's just someone else's computer.

Except the Snowflake account will suddenly just melt away when the 
computer heats up.  ;-)

[toc] | [prev] | [next] | [standalone]

#142794

On Mon, 15 Jul 2024 13:22:17 -0700, Stan Brown <the_stan_brown@fastmail.fm>
wrote:

>On Sun, 14 Jul 2024 19:42:14 -0400, Mickey D wrote:
>> What's a Snowflake cloud account?
>> 
>
>Like any other cloud account, it's just someone else's computer.

I think I've mentioned before that that's an oversimplification. I only mention
it again because I wouldn't want anyone to take it literally.

[toc] | [prev] | [next] | [standalone]

#142800

On 2024-07-15 18:53, Char Jackson wrote:
> On Mon, 15 Jul 2024 13:22:17 -0700, Stan Brown <the_stan_brown@fastmail.fm>
> wrote:
> 
>> On Sun, 14 Jul 2024 19:42:14 -0400, Mickey D wrote:
>>> What's a Snowflake cloud account?
>>>
>>
>> Like any other cloud account, it's just someone else's computer.
> 
> I think I've mentioned before that that's an oversimplification. I only mention
> it again because I wouldn't want anyone to take it literally.

And do mention it in the future if it comes up.

-- 
"It would be a measureless disaster if Russian barbarism overlaid
  the culture and independence of the ancient States of Europe."
Winston Churchill

[toc] | [prev] | [next] | [standalone]

#142895

On 7/14/24 19:42, Mickey D wrote:
> https://www.wired.com/story/atandt-paid-hacker-300000-to-delete-stolen-call-records/
> AT&T Paid a Hacker $370,000 to Delete Stolen Phone Records
> 
> US telecom giant AT&T, which disclosed Friday that hackers had stolen the
> call records for tens of millions of its customers, paid a member of the
> hacking team more than $300,000 to delete the data and provide a video
> demonstrating proof of deletion.
> 
> The hacker, who is part of the notorious ShinyHunters hacking group that
> has stolen data from a number of victims through unsecured Snowflake cloud
> storage accounts, tells WIRED that AT&T paid the ransom in May.
> 
> What's a Snowflake cloud account?



-- 
Data-Denial is the name of the game. Other than friends, family or civil 
authority (and even for the latter only to the extent necessary for 
necessary identification), criminalize the storage of anyone else's 
personal data except momentarily in verifiably volatile fashion to 
complete a transaction. In the case of all identity abuse including the 
above avenues, make the contributing data source *criminally complicit* 
before the law regardless of the employed methods, privacy-policies or 
other similar double-speak parading as safeguards.

[toc] | [prev] | [standalone]

Back to top | Article view | comp.mobile.android

csiph-web