Meet the Satori team at AWS Summit NYC, July 10th 🗽

Satori

Satori’s Response to The Snowflake Credential Stuffing Data Breach Attempts Campaign

|CTO and Co-Founder

Several publications recently released news of an ongoing campaign attempting to steal data from Snowflake customers by gaining unauthorized access to their Snowflake environment. The latest information provided by Snowflake confirms such a campaign and provides additional information on how customers can potentially detect and mitigate such activity.

What is Satori doing?

Satori is a Data Security and Governance Partner of Snowflake, and as such, observes a large number of Snowflake environments. Since learning of the campaign, the Satori team has continuously monitored these Snowflake environments to ensure any suspicious activity is immediately reported and blocked.

 

The latest monitoring results show the following:

  1. A single connection attempt from IP address 185.204.1.178 on May 8th was detected. The connection attempt did not contain a hostname which prevented it from being routed further. The connection was blocked.
  2. No query activity has been detected from any suspicious IPs or clients provided by Snowflake.

 

To help customers monitor for suspicious activity in their Snowflake environments, Satori released a new report called Activity by Suspicious IPs that indicates query activity from the list of suspicious IPs provided by Snowflake.

 

To proactively block activity from the list of suspicious IPs provided by Snowflake, Satori can push a network policy to the relevant data stores on request. Please open a support ticket at support@satoricyber.com for more information.

 

The Satori support team is on standby to answer customer queries and provide additional information as needed.

Get the latest from Satori
Learn More About Satori
in a Live Demo
Book A Demo
About the author
|CTO and Co-Founder

Yoav Cohen is the Co-Founder and Chief Technology Officer of Satori Cyber. At Satori, Yoav is building the company’s technology vision and leading the research and engineering teams that build the Secure Data Access Cloud. Prior to founding Satori Cyber, Yoav was the Senior Vice President of Product Development for Imperva, which he joined as part of the acquisition of Incapsula, a Cloud-based web applications security and acceleration company, where he was the Vice President of Engineering. Before joining Incapsula, Yoav held several technology leadership positions at SAP.

When he isn’t glued to his laptop or on a whiteboard, Yoav can be found traveling with his wife and four kids in an RV, playing electric guitar or doing laps at the pool. He is still dreaming about building his own Operating System.

Yoav holds an M.Sc in Computer Science from Tel-Aviv University and a B.Sc in Computer Science and Biology from Tel-Aviv University.

Back to Blog