We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform;
We have not identified evidence suggesting this activity was caused by compromised credentials of current or former Snowflake personnel;
This appears to be a targeted campaign directed at users with single-factor authentication;
As part of this campaign, threat actors have leveraged credentials previously purchased or obtained through infostealing…
