HIGH ALERT – Increased cyber threat activity targeting Snowflake customers

Background / What’s happened?

  • The ASD’s ACSC is tracking increased cyber threat activity relating to Snowflake customer environments.
  • The ASD’s ACSC is aware of successful compromises of several companies utilising Snowflake environments.

Mitigation / How do I stay secure?

  • Australian organisations who utilise Snowflake should reset credentials for active accounts, disable non-active accounts, enable Multi-Factor Authentication (MFA), and review user activity.
    Snowflake have published an advisory to assist in identifying instances of unauthorised access.

Assistance / Where can I go for help?

The ASD’s ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).