Fallout Expands From Breaches of Customer Databases on Snowflake Platform

Todd Faulk
Todd Faulk Senior Editor
Todd Faulk Todd Faulk Senior Editor

The financial services company LendingTree has confirmed that its subsidiary, QuoteWizard, may have been affected by the recent breaches of customer databases hosted on the Snowflake platform.

On June 7, a spokesman for LendingTree said, “We take these matters seriously, and immediately after hearing from [Snowflake] launched an internal investigation. That investigation is ongoing. As of this time, it does not appear that consumer financial account information was impacted, nor information of the parent entity, LendingTree.”

Other reporting seems to bely that statement. On June 1, a hacker claimed on the cybercriminal platform BreachForums that they had stolen the personal data of 190 million QuoteWizard customers and were demanding a $2 million ransom for its safe return. The data supposedly includes customer details, insurance quotes, and partial credit card numbers.

The same hacker also claims to have stolen from a Snowflake database information belonging to 380 million customers of Advance Auto Parts, the giant auto parts retail chain. One researcher verified that at least some of the data in the stolen database is legitimate. The company said it was investigating the claim.

Snowflake has reportedly advised approximately 165 companies that host databases on its platform that their customer information may have been accessed by unauthorized parties in the recent cyberattacks.

The company still maintains that its platform has not been compromised but that a threat actor or actors have obtained the credentials for the customer databases from other sources. It says it is working with all its clients to strengthen their login credentials and to use multi-factor authentication.

“We are also developing a plan to require our customers to implement advanced security controls, like multi-factor authentication (MFA) or network policies, especially for privileged Snowflake customer accounts,” said Brad Jones, an official from Snowflake.

On June 3, the US Cybersecurity & Infrastructure Security Agency (CISA) issued an alert advising all Snowflake customers that cyberattacks against the platform have increased and that they should immediately upgrade their security measures and look for malicious activity affecting their Snowflake databases.[1]


[1] https://www.cisa.gov/news-events/alerts/2024/06/03/snowflake-recommends-customers-take-steps-prevent-unauthorized-access

About the Author
Todd Faulk
Todd Faulk
Senior Editor

About the Author

Todd Faulk is a Senior Editor at SafetyDetectives. He has more than 20 years of professional experience editing intelligence reports, course plans, and online articles. He's a freelancer who has produced work for a wide variety of clients, including the US Government, financial institutions, and travel and technology websites. Todd is a constant traveler, writer of his own travel blog, and avid reader of new developments in science and technology.

Leave a Comment