Snowflake hacker arrested over data breach and extortion

165 organizations were affected in the infamous Snowflake breach

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Canadian authorities have confirmed that an arrest has been made in connection to thesignificant breach of Snowflakeearlier in 2024.

Alexander ‘Connor’ Moucka (aka Waifu and Judische) was taken into custody on October 30 following a request by US law enforcement, and is now due to appear in court. The exact nature of the charges are unknown, as extradition requests are considered confidential state-to-state communications, so both nations declined to comment.

Security firm Mandiant recently confirmed it wasstill monitoring ‘Judische’, who was still actively targeting software-as-a-service (Saas) organizations up until very recently. The group behind the original attack is said to be primarily from North America, with one member also in Turkey.

Extortion and data theft

Around 165 organizations had their sensitive data stolen in the attack, which used brute force tactics on the cloud storage provider to breach a series of organizations and extort as much as $3 million from them in total.

Snowflake claimed the breach was a result of a credential stuffing attack and did not originate inside its infrastructure. This suggests the attackers purchased login combinations (usually on the dark web) and essentially just tried countless logins until they found one that worked.

The attacks affected millions of people’s data, and breached companies including the likes of AT&T, Santander, and Live Nation Entertainment (Ticketmaster). Ticketmaster alone reported theloss of 500 million people’s data, making this one of the biggest data breaches in history.

Telecoms giant AT&T reportedly paid $370,000 for a member of the hacking team earlier in 2024 to provide evidence that they had deleted the stolen call records for tens of millions of customers.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

ViaBloomberg

You might also like

The TechRadar hive mind. The Megazord. The Voltron. When our powers combine, we become ‘TECHRADAR STAFF’. You’ll usually see this author name when the entire team has collaborated on a project or an article, whether that’s a run-down ranking of our favorite Marvel films, or a round-up of all the coolest things we’ve collectively seen at annual tech shows like CES and MWC. We are one.

Adobe’s decision to eliminate perpetual licensing for its Elements software has stirred controversy among consumers

VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats

Huge Black Friday Samsung sale: save up to $1,900 on QLED, OLED TVs, and more