Research_Day001

Quick Overview of the Day's Focus:

Learning the Android Dev Suite - how the studio works, basic file structure of android apps, and basic understanding of Kotlin

Understanding Environmental Variables - what they are, why the are important to Operating Systems, and how to adjust them.

More in depth Analysis:

I am writing this after the fact so I will not be including a more in depth analysis. From now on, following my scheduled work time, I will be including the analysis to better describe what it is I am working on. The hope behind the analysis portion of my posts is to provide me a starting point next time I work and to track my progress.

Multifactor Authentication: Strengthening Identity Security in the Digital Age

In today’s interconnected world, safeguarding digital identities has become paramount. Cyber threats are constantly evolving, posing significant risks to individuals and organizations alike. In this blog, we delve into the importance of multifactor authentication (MFA) as a robust solution for strengthening identity security and mitigating cyber risks.

Understanding Multifactor Authentication (MFA):

Multifactor authentication is a security measure that requires users to provide two or more verification factors to access a system or application. These factors typically include something the user knows (e.g., password), something the user has (e.g., smartphone or hardware token), and something the user is (e.g., biometric data like fingerprint or facial recognition).

The Importance of MFA in Identity Security:

Enhanced Security: MFA adds an extra layer of protection beyond passwords, reducing the risk of unauthorized access due to compromised credentials.

Mitigation of Credential Theft: With MFA in place, even if a password is compromised, additional factors are required for authentication, minimizing the impact of credential theft.

Compliance Requirements: Many regulatory standards and data protection laws, such as GDPR and PCI DSS, mandate the use of MFA to ensure secure access to sensitive information.

User Convenience: Modern MFA solutions offer seamless and user-friendly authentication methods, balancing security with convenience for users.

Types of Multifactor Authentication:

Passwords + One-Time Passcodes (OTPs): Users combine their passwords with unique, time-sensitive OTPs generated via SMS, email, or authenticator apps.

Biometric Authentication: Utilizes unique biological traits such as fingerprints, facial features, or iris scans for identity verification.

Hardware Tokens: Physical devices that generate OTPs or cryptographic keys, providing an additional layer of security.

Mobile-Based Authentication: Leveraging smartphones for authentication via push notifications, biometrics, or mobile authenticator apps.

Benefits of MFA for Businesses:

Reduced Risk of Data Breaches: MFA significantly reduces the risk of unauthorized access and data breaches, protecting sensitive information.

Compliance Adherence: Organizations can meet regulatory requirements and industry standards by implementing MFA as part of their security policies.

Increased Trust and Customer Satisfaction: MFA reassures customers and stakeholders about the security measures in place, enhancing trust and satisfaction.

Protection Against Phishing and Social Engineering: MFA adds a barrier against phishing attacks, as even if credentials are phished, additional factors are needed for authentication.

Best Practices for Implementing MFA:

Choose the Right Authentication Factors: Select authentication factors based on security requirements, user convenience, and regulatory compliance.

Educate Users: Provide training and awareness programs to educate users about the importance of MFA and secure authentication practices.

Implement Risk-Based Authentication: Utilize risk-based authentication to dynamically adjust MFA requirements based on risk levels and threat detection.

Integrate MFA with Identity Governance: Integrate MFA solutions with identity governance and administration (IGA) platforms for centralized management and policy enforcement.

Conclusion

Multifactor authentication is a crucial component of modern identity security strategies, offering robust protection against cyber threats and unauthorized access. By implementing MFA solutions tailored to their needs, organizations can strengthen security, enhance compliance, and build trust with stakeholders in an increasingly digital and interconnected landscape. Embracing MFA as a proactive security measure is essential for safeguarding digital identities and mitigating cyber risks effectively.

تشات جي بي تي المُحدَّث GPT-4o لا يجيد العدّ والحساب لذا لا تُعوّل عليه في حساب عدد الكلمات

ما هذه المجموعة من المختارات تسألني؟ إنّها عددٌ من أعداد نشرة “صيد الشابكة” اِعرف أكثر عن النشرة هنا: ما هي نشرة “صيد الشابكة” ما مصادرها، وما غرضها؛ وما معنى الشابكة أصلًا؟! 🎣🌐 🎣🌐 صيد الشابكة العدد #72 السلام عليكم ومرحبًا؛ 🎣🌐 صيد الشابكة العدد #72🌞 عندما تُكلِّم فتاة بهائية لا تستعن بتشات جي بي تي❓ من هو اللامنتمي ولمَ سهولة الوصول للمعلومة ليست ميزة؟🤔 *ما أهمية أفلاطون تسألني؟ 📪 نشرات من آل…

View On WordPress

5 reasons to choose Skillmine Authenticator

With SSO, organizations can enforce stronger authentication measures, such as multi-factor authentication (MFA), for the initial login. This adds an extra layer of security to protect sensitive data and prevent unauthorized access. Additionally, SSO enables centralized control and monitoring of user access, simplifying user provisioning and de-provisioning processes. This helps organizations maintain compliance with data protection regulations and ensures that access privileges are granted and revoked in a timely manner.

Website: https://skill-mine.com/products/best-multifactor-authentication/

I shouldn't need two apps three passwords and a phone call to get into my student email fuck you

Multifactor Authentication Market - Forecast(2024 - 2030)

Multifactor Authentication Market Overview

The Multifactor Authentication Market is currently valued at $10.4 billion in 2022 and is expected to reach a valuation of $26.8 billion by 2027 growing at a CAGR of 15.08%. The increasing number of cyber-attacks, data breaches, and stringent government regulations regarding the privacy of sensitive data are the major factors that will be driving the growth of this market. The rapid digitization of the infrastructure of many end-user industries such as BFSI, healthcare, governmental entities and others are also accelerating the expansion of the Multifactor Authentication Market. The voluminous amount of data and the threat of such sensitive data getting exposed has resulted in many high performing organizations across industries deploying extremely sophisticated security technology. Although password authentication remains the most common method for access authentication, the increasing number of phishing attacks, automated bots, and similar other types of sinister attacks. This has resulted in the deployment of more advanced security authentication systems such as use of One Time Password to verify the registered mobile number, biometric verification, and others. These are very important components of the identity and access management architecture. These aforementioned factors will positively influence the Multifactor Authentication industry outlook during the forecast period.

Multifactor Authentication Report Coverage

The report: “Multifactor Authentication Report – Forecast (2022-2027)” by IndustryARC, covers an in-depth analysis of the following segments in the Multifactor Authentication Industry.

By Authentication Type: Password Authentication and Password-less Authentication. By Model Type: One-factor Authentication Systems, Two-factor authentication systems, Three-factor Authentication Systems, Four-factor Authentication Systems, Five-factor authentication systems and others. By End-user: BFSI, Government, Defence, Healthcare, E-Commerce Organizations, Telecommunications, IT, Manufacturing and Others. By Geography: North America (the U.S., Canada, Mexico), Europe (UK, Germany, France, Italy, Spain, Others), APAC (China, Japan, South Korea, India, Australia, Others), South America (Brazil, Argentina, Others) and RoW (Middle East, Africa).

Request Sample

Key Takeaways

BFSI will be the fastest-growing segment by end-users in this market with a CAGR of about 16.28% due to increasing incidences of phishing attacks, data breaches, and government regulations regarding the handling of sensitive data.

Password less Authentication is the fastest-growing segment by Authentication Type in this market with a CAGR of 16.84% due to increasing frequency of brute force attacks via botnets, password spraying, and reduced costs in the long run.

North America region holds the largest market share at 31% due to increasing frequency of industrial patent theft, phishing attacks against prominent individuals, and attacks by automated bots to spread fake news and shape public opinion.

Multifactor Authentication Market Segment Analysis - by Authentication Type

The Multifactor Authentication Market can be classified into two segments according to Type such as Password Authentication and password less Authentication. Between them, password less Authentication is projected to have the fastest growth at a CAGR of 16.3% in the forecast period of 2022-2027. Increasing frequencies of phishing attacks, brute force attacks by botnets, and sophisticated malware attacks which can bypass security safeguards are the main factors that are driving the growth of this segment. In June 2022, LastPass announced that it will allow its users access to their vaults via a password less authentication system whereby the users will be sent a login request on the LastPass Application. This mechanism removes the need for users to copy and paste their passwords for login and also removes the risk of compromised passwords. Such developments are likely to propel the rapid expansion of this segment in the market.

Inquiry Before Buying

Multifactor Authentication Market Segment Analysis - by End-user

Multifactor Authentication has varied applications across different sectors such as BFSI, Government, Defense, Healthcare, E-Commerce Organizations, Telecommunications, IT, Manufacturing, and others. Among them, BFSI segment will exhibit the fastest growth at a CAGR of 16.28% in the forecast period 2022-2027. The increasing specificity of cyber-attacks such as phishing attacks, suspicious malware, and brute force attacks capable of overpowering the security safeguards of the system has led to a number of central banks mandating extremely stringent regulations regarding the handling of such sensitive data. In May 2022, the Saudi Central Bank (SAMA) underlined the need to take proactive and preemptive measures to confront the growing cyber threats and advanced trickeries of hackers that hamper the smooth functioning of the financial sector. Such developments will result in widespread of adoption of these systems by financial institutions which will lead to rapid expansion of this segment in the market.

Multifactor Authentication Market Segment Analysis - by Geography

The Multifactor Authentication Market in the North America region will account for the highest share at 31% in 2021. Increasing number of attacks on corporations leading to theft of sensitive industrial secrets, rising incidences of attacks on small businesses, and financial fraud has resulted in widespread adoption of these systems. Rapid digitization of the economy, adoption of cloud and enterprise solutions to secure sensitive data and government legislation are some of the key factors that will accelerate the growth of the market in this region. In February 2022, U.K. and U.S. intelligence announced that Russian hackers were behind an operation targeting a communications company Viasat in Ukraine that led to outages for several thousand Ukrainian customers, and impacted windfarms and internet users in central Europe. Such developments will positively impact he rapid adoption of such systems which will rapidly accelerate the growth of the market.

Schedule a Call

Multifactor Authentication Market Drivers 

Rising number of cyber-attacks, governmental legislation and user experience:

The increasing frequencies of sophisticated cyber-attacks such as phishing, vishing and other malware attacks across multiple sectors are some of the major factors that are driving the growth of this market. The rising incidences of financial fraud, sophisticated forms of hacking, and spreading of fake news on social media to mould public perception has resulted in government to mandate legislation regarding data protection and privacy. In June 2022, Microsoft announced that they had suspended 20 One Drive accounts associated with the group called “Polonium” which in collaboration with Iran’s Ministry of Intelligence and Security was abusing the file hosting services and conducting cyberattacks on Israeli firms across multiple industries such as defense and financial services. Such developments will drive the rapid adoption of these systems which will accelerate the rapid expansion of this market.

Rapid Adoption of Multifactor Authentication due to incorporation of advanced technologies such as Public Key Infrastructure, behaviour-based authentication, and others:

Rapid technological advancements in Multifactor Authentication Systems such as advances in Public Key Infrastructure, authentication systems, and other such technological advances will lead to widespread adoption of these systems across industries. The deployment of advanced features in existing authentication systems such as Iris recognition systems and Voice Authentication Systems has drastically enhanced the capabilities to check fraudulent activities. Other technologies that are revolutionizing the industry are geolocation and facial recognition systems which incorporate the current location and facial pattern recognition technologies to authenticate the person’s identity. In May 2022, the Bangalore Metro Rail Corporation (BMRCL) announced to replace smart cards, tokens, and passes with facial recognition systems in a bid to make processes hands-free in the IT hub of the country. Such developments will rapidly accelerate the growth of the market.

Multifactor Authentication Market Challenges

High Initial cost of installation and maintenance, increased complexity of operations, and increased response time for authentication tools:

High initial cost of installation of multifactor authentication systems, increased complexity of operations, and increased service time are some of the key factors that are restricting the growth of this market. The increase in the number of layers of protection of Multifactor Authentication Systems has resulted in a much longer service time since it requires multiple identifying factors of the user. Also, the lack of understanding among the business community regarding the utility of these systems and the concern of having a possible breach that might expose the most sensitive data of their employees is inhibiting the growth of this market.

Buy Now

Key Market Players

Product launches, collaborations, and R&D activities are key strategies adopted by players in the Multifactor Authentication Market. The top 10 companies in the Multifactor Authentication Market include:

MicroFocus

Broadcom

Microsoft

One Span

Okta

Thales

Oracle

SalesForce

CyberArk

SilverFort

Recent Developments

In April 2022, CyberArk announced that it has achieved SOC2 Certification which makes it the first Identity Security provider offering SOC 2 Type 2-certified SaaS solutions for privileged access management (PAM), endpoint privilege management, remote vendor access, Identity and Access Management, and cloud infrastructure entitlements management. 

In February 2022, Smart Communications and One Span Inc. announced a partnership that integrates OneSpan’s e-signature product, OneSpan Sign, into the Smart Communications platform to extend the value of the total customer experience. Such developments will rapidly accelerate the growth of the market.

In September 2021, Bank Id announced its decision to use OneSpan’s cloud authentication and anti-fraud offerings to improve the customer experience and help secure one of the most widely used applications in Norway. Such developments will positively impact the growth of the market.

US Agencies Warn of Opportunistic Rhysida Ransomware Attacks

The Rhysida attackers exploit vulnerabilities like the lack of Multi-Factor Authentication (MFA) and the Zerologon vulnerability to gain initial access and maintain a presence within victims’ networks.

View On WordPress

Research_Overview

It is fair to say, I like keeping busy. One way I do this is through working as a part-time research assistant at my University. The focus of the research is on context aware multifactor authentication (MFA), which is to say, how can we determine users are who they claim to be, using the context their phone and actions provide. This could be looking at their phone specs or typing speed to see if anything changes between each authentication or simply randomizing what form of authentication they use.

But eroz-codes, doesn't that seem like overkill? Well, maybe. The end goal is that this would be implemented in the industrial control systems (ICS) that support a countries critical infrastructure and, in the scope of my research, specifically the energy sector. There is a potential that if a malicious actor were to gain access to an ICS they could do a good deal of permanent damage to said country. This damage could range from small outages across to a full power grid being shutdown. So no, with that in mind, I think context aware MFA has a lot of potential to add a much needed layer of security.

My team is achieving this goal by creating an app that simulates the authentication process. We are seeing how much information we can gain from the user without them having to jump through unnecessary hoops. There is a saying that the challenge in cybersecurity is striking the balance between security and usability. You can have the most secure system in the world, but if it's too difficult for users to navigate, they'll find ways to work around it, compromising security in the process. Hopefully, this will maintain that balance without causing a need for users to find a loop hole.

All in all, I adore what I do. I find the concept intriguing and feel like I am doing something to help keep people safe, which is really what cybersecurity is all about. It's easy, I think, for professionals to feel discouraged when their work goes unappreciated especially in this field when you sometimes only get noticed when something goes wrong. My two cents is what you put into the world is far more important than how you look to it. Feel fulfillment from the fact that you are using your knowledge to protect something and are doing it so well that it seems almost effortless.

Revolutionizing Digital Identity Management: Secure, Easy, and Insightful

Digital Identity Management: In today's interconnected digital landscape, safeguarding your identity online is paramount.

With the proliferation of digital services and transactions, the need for robust identity verification solutions has never been more critical.

At Biocube Technologies, we are proud to introduce our groundbreaking multi-factor biometrics platform, designed to revolutionize the way users prove their digital identity and consume digital services.

Our platform offers unparalleled security through advanced biometric authentication methods, ensuring that only authorized users can access their digital accounts and services.

By leveraging a combination of unique biometric identifiers such as contactless fingerprints, facial recognition, and voice authentication, we provide a highly secure authentication process that mitigates the risk of fraud and unauthorized access. But security is just one piece of the puzzle.

We understand the importance of delivering a seamless and user-friendly experience. That's why our platform is engineered for maximum convenience, allowing users to prove their digital identity effortlessly through their personal devices.

Whether it's accessing online banking services, making digital payments, or logging into secure portals, our platform streamlines the authentication process, eliminating the need for cumbersome passwords and PINs.

Furthermore, our solution is designed to minimize costs for both users and businesses alike. By leveraging existing hardware capabilities on personal devices, such as smartphones, tablets, laptops, desktops, and IP/CCTV cameras we eliminate the need for costly hardware tokens or specialized equipment.

This not only reduces upfront investment but also lowers ongoing operational expenses, making our platform an affordable and sustainable solution for businesses of all sizes.

But the benefits don't stop there. In addition to enhanced security, convenience, and cost savings, our platform provides actionable data insights that empower businesses to make informed decisions and optimize their digital offerings.

By analyzing user behavior and interaction patterns, we deliver valuable insights that enable businesses to personalize services, improve customer experiences, and drive growth.

Conclusion

Biocube is committed to revolutionizing digital identity and access management, making it secure, easy to use, and insightful. With our patented multi-factor biometrics platform, users can prove their digital identity with confidence, while businesses can unlock new opportunities for innovation and growth.

Join us in shaping the future of digital identity – secure, seamless, and smart.

For more information about our platform and how it can benefit your business, please contact us today.

Biocube Technologies Inc. Email: [email protected] Website: www.biocube.ai

Chancellor Palpatine uses the same passcode for every account, and refuses to set up Space Multifactor Authentication

his official government Space Social Media account is, naturally, hacked by someone planning to use it to make a meme post about how Palpatine did the Invasion of Naboo (a la "Bush did 9/11" memes), and so the hacker immediately tries that passcode on a bunch of other sites, and....well, hits the paydirt of the century, accessing all of the secret Banking Clan accounts and additional comms systems that Sidious has been hiding

they drop an anonymous tip to the Jedi, and then dump the information on the holonet, sending copies to every reputable news platform in the galaxy as they gather up all of their loved ones in order to disappear them all on the most obscure and inaccessible dirtball they can find to hide from the fallout

but not before using Palpatine's Space Social Media account to post "I literally actually did the Invasion of Naboo lol, and I've posted the proof online"

i deleted tumblr off my phone because i want to use it as a website more for the true #vintage experience but also to spend less time on my phone and yet i still wake up every day and go hmmmm i want to go on tumblr and stare at my phone screen before opening wordle instead because im too stubborn to redownload it (i dont want to do multifactor authentication more than anything else for no reason at all other than it pisses me off) and anyway apparently this is the last social media site i just cant quit. im online less but damn i wish i wasn't & i hope everyone's doing well i think of you often.... i'm reading the brother karamazov for the first time (second attempt) and im really enjoying it. something tells me this is the same guy who wrote crime and punishment. not sure what's tipped me off about this but it's just the vibe i'm getting from some of these character discussions.... that's my update. off to eat toast xx. brb maybe. or maybe not.... everything is queued btw. i wish i was like sam game changer (here the whole time) but im not..

i know that multifactor authentication is good and safe and everything but it drives me nuts like it's meeeeee don't you know me you are my phone my companion you should recognize my spirit alone

Kunsel says:

We should maybe have a stricter definition of what counts as "hacking", okay?

It was a slow day at work, and he decided to guess people's email passwords in 10 attempts.

How does it go?

YESSSSSSSSS

Pro tips: make your password long, that is the most important factor. Use a password manager, most of them have a free option. Adding complexity does help, but focus on length first. Size does matter here. Multi-factor authentication (MFA) also helps a lot.

---------

Kunsel: Zack, gimme your password!

Zack: ...

Kunsel: Come on man, I need it for something!

Zack: 😭😭😭 buddy I would, but I forgot it again 😭😭😭😭😭😭

Kunsel: Ok man, it's ok, let's look around your desk...here, under this pile of chip bags, I think i saw...yeah, here's the penguin toy...and yep, Password Penguin has "Zack'ss00p3rp4ssw0rd!" written on the bottom. Let's try it!

(it works)

Zack: THANK YOU KUNSEL I THOUGHT I'D LOST HIM AND I COULDN'T REMEMBER AND-

Kunsel: *wheeze* Zack let go, I need to breathe *wheeze*

-----------

Kunsel tries to guess Roche's by typing it in.

M0t0rcycle!

ShinyDancer

Sh1n33D4nc3r!

He's in.

------------

Kunsel tries to guess Sephiroth's. On the 9th try, he gets it: Seph+Jenova4ever

Horrible things are uncovered along the way and now he needs to send Sephiroth some information very discreetly.

------------

Lazard. Kunsel knows better. He gives a few guesses, but decides to actually hack this.

He sets up a hash capturing tool over the internal network and waits for Lazard to log on. He does. Kunsel captures the hash and starts cracking it.

Three days later, the hash cracker has not worked and he has to give up on that.

Kunsel: Sir, I need to get into your email, will you please send me your password?

Lazard: Of course not, that is unsafe and against company policy. However, you're welcome to come to my office to perform any actions we both deem necessary.

Kunsel goes over and Lazard is using multifactor authentication, so just having the hash cracked wouldn't have worked anyway. He sets up a keylogger surreptitiously on Lazard's workstation while "performing updates" and showing Lazard new features in his email.

The things he captures with that keylogger:

* Numerous emails covering for boneheaded shit the SOLDIERs did.

* The letter "A" typed about a thousand times into a text file labeled "definitely not screams.txt".

* Moogle searches for "how to convince your employees to get therapy", "pasta recipes", "therapists near me", "child psychology for adults", "play therapy for adults", "cat psychology", and "shrimp pasta recipes".

* The password: &oh'ihiy_-8_gi"it"gi_ipkb0(-ur#3-@--LXS4ever--9(9;0(!08(098+pihjboigig(@ukopih

Then it is a simple matter of finding a zero-day race condition hack in the MFA software, timing things just right, and entering the password and hacked MFA key at the perfect moment.

Kunsel of course has pity on the man after seeing even more emails such as...

* Explaining to Roche that doing squats over his motorcycle makes it look like he's humping it, and it is making people uncomfortable.

* Asking Genesis to please not actually firaga the recruits this week, they don't need a lawsuit. No, it's not character building. No, even though it was part of his home training and Shinra sanctioned training a few years ago.

* Inviting Sephiroth over for shrimp pasta to discuss strategy.

* Asking Angeal to seek therapy so the others will follow his lead.

* Telling Zack that he could not have a therapy flamingo in the office. Even if it was a lawn ornament.

* Warning Hojo not to take Sephiroth this week.

* Warning Hollander not to take Genesis and Angeal this week.

* Reaming Heidegger out very politely for all his BS.

Kunsel logs out without doing anything. Lazard needs a break.

--------

Kunsel calls Angeal pretending to be the help desk. Angeal, a bit embarrassed over his upbringing and unsure because he feels unused to technology, eventually gives Kunsel the password: BanoraBoys123!

----------

Genesis' is guessed on the 7th try because Kunsel didn't want to bother typing in an entire stanza of Loveless with numbers instead of vowels.

1nf1n1t3_1n_myst3ry_1s_th3_g1ft_0f_th3_g0dd3ss__w3_s33k_1t_th7s_4nd_t4k3_t0_th3_sky_r1ppl3s...

He sends an email from Genesis inviting everyone to a Loveless recital on Tuesday. It backfires because several people, including Genesis, show up and have a great time.

-----------

Kunsel tries Zack's little trooper friend next. He's a tough nut to crack. He won't pick up his PHS to get vished, won't click on Kunsel's phishing emails, and won't tell Zack or Kunsel his password.

Kunsel captures his hash and cracks it. It takes a full 24 hours, but he gets it in the end:

!1986fuck_this_shit

One of the biggest hacks of the year may have started to unfold. Late on Friday, embattled events business Live Nation, which owns Ticketmaster, confirmed it suffered a data breach after criminal hackers claimed to be selling half a billion customer records online. Banking firm Santander also confirmed it had suffered a data breach impacting millions of customers and staff after its data was advertised by the same group of hackers.

While the specific circumstances of the breaches—including exactly what information was stolen and how it was accessed—remain unclear, the incidents may be linked to attacks against company accounts with cloud hosting provider Snowflake. The US-based cloud firm has thousands of customers, including Adobe, Canva, and Mastercard, which can store and analyze vast amounts of data in its systems.

Security experts say that as more details become clear about hackers' attempts to access and take data from Snowflake’s systems, it is possible that other companies will reveal they had data stolen. At present, though, the developing situation is messy and complicated.

“Snowflake recently observed and is investigating an increase in cyber threat activity targeting some of our customers’ accounts,” wrote Brad Jones, Snowflake’s chief information security officer in a blog post acknowledging the cybersecurity incident on Friday. Snowflake has found a “limited number” of customer accounts that have been targeted by hackers who obtained their login credentials to the company’s systems, Jones wrote. Snowflake also found one former staff member’s “demo” account that had been accessed.

However, Snowflake doesn’t “believe” it was the source of any leaked customer credentials, the post says. “We have no evidence suggesting this activity was caused by any vulnerability, misconfiguration, or breach of Snowflake’s product,” Jones wrote in the blog post.

While the number of Snowflake accounts accessed and what data may have been taken have not been released, government officials are warning about the impact of the attack. Australia’s Cyber Security Center issued a “high” alert on Saturday, saying it is “aware of successful compromises of several companies utilizing Snowflake environments” and companies using Snowflake should reset their account credentials, turn on multifactor authentication, and review user activity.

“It looks like Snowflake has had some rather egregiously bad security compromise,” security researcher Troy Hunt, who runs data breach notification website Have I Been Pwned, tells WIRED. “It being a provider to many other different parties, it has sort of bubbled up to different data breaches in different locations.”

Details of the data breaches started to emerge on May 27. A newly registered account on cybercrime forum Exploit posted an advertisement where they claimed to be selling 1.3 TB of Ticketmaster data, including more than 560 million people’s information. The hacker claimed to have names, addresses, email addresses, phone numbers, some credit card details, ticket sales, order details, and more. They asked for $500,000 for the database.

One day later, the established hacking group ShinyHunters—which first emerged in 2020 with a data-stealing rampage, before selling 70 million AT&T records in 2021—posted the exact same Ticketmaster ad on rival marketplace BreachForums. At the time, Ticketmaster and its parent company Live Nation had not confirmed any data theft and it was unclear if either post selling the data was legitimate.

On May 30, ShinyHunters also claimed to be selling 30 million customer details and staff information from Santander, putting a $2 million price tag on the information. Both posts on BreachForums have drawn attention to the illegal marketplace, which was recently revived by ShinyHunters after the FBI took the website down on May 15. The posts may, at least in part, be efforts to restore the disrupted forum’s damaged reputation with criminals.

The two hacks were linked to Snowflake’s systems by Israeli security firm Hudson Rock, which, in a now-removed blog post, posted conversations its researchers had with the alleged hacker who claimed to have accessed Snowflake’s systems and exfiltrated data. The hacker claimed they had tried to sell the data back to Snowflake for $20 million. (Hudson Rock did not respond to WIRED’s questions about why it has removed its research).

The Hudson Rock post claimed that a Snowflake employee may have been infected by an infostealer that collected the details the hacker needed to log in to its systems. Charles Carmakal, the chief technology officer at Google-owned security firm Mandiant, told BleepingComputer that its investigations, which have been taking place in recent weeks, indicate information-stealing malware may have been used to get Snowflake account credentials.

A Ticketmaster spokesperson told TechCrunch that its stolen database was hosted on Snowflake after the company acknowledged a data breach in a filing to the Securities and Exchange Commission on Friday evening. In the middle of May, before its data was advertised online, Santander first said it had seen unauthorized access to one of its databases “hosted by a third-party provider,” however it has refused to name the third party.

Snowflake’s CISO, Jones, acknowledged the security incident on Friday, saying that if a “threat actor obtains customer credentials, they may be able to access the account.” The company says it became aware of the suspicious activity on May 23 but has since found out it had been happening since mid-April. Jones’ post says Snowflake has notified all of its customers and “encouraged” them to review account settings and ensure they have implemented multi-factor authentication. In an additional security bulletin, Snowflake says it has seen “malicious traffic” from a client calling itself “rapeflake” and also connections from another client called “DBeaver_DBeaverUltimate.” A company spokesperson tells WIRED they have “nothing else to add” beyond the information included in company posts.

Cloud security company Mitiga says its investigations have seen a threat actor targeting organizations using Snowflake databases and using an attack tool called “​​rapeflake” in the process. Roei Sherman, field CTO at Mitiga, tells WIRED one possible scenario is that a threat actor managed to get information about Snowflake’s systems and then stole information about its clients, possibly using automated tools and brute-forcing their way into accounts.

Sherman says little is known about what data was stolen at the moment or the “​​rapeflake” tool, but that the attack could have wider ramifications going forward. There are already early signs other companies may be impacted.

Sherman says some of Mitiga’s customers have reached out to it for help, while Mandiant told BleepingComputer it had been assisting Snowflake customers in recent weeks. Cybersecurity researcher Kevin Beaumont shared online that he knows of six companies that have been impacted. And Australian events company Ticketek has also revealed customer names and email addresses stored in a “cloud-based platform, hosted by a reputable, global third-party supplier” have been accessed, although a spokesperson refused to confirm if this was related to Snowflake at all.

“We haven’t seen the entire blast radius yet,” Sherman says. “Snowflake has thousands of clients—they offer self-registration—and some of their clients are huge companies. We expect to learn about additional companies compromised.”