IT Security Update: Snowflake Cloud Storage Attack, Customer Hacks Alleged

A recent cyberattack against Snowflake, a cloud provider, compromised sensitive data from companies like LendingTree, QuoteWizard, and Advance Auto Parts. Attackers gained unauthorized access to these firms' Snowflake data warehouses by obtaining stolen employee login credentials, likely via malicious software. The stolen credentials allowed bad actors to access sensitive data from Snowflake instances lacking multi-factor authentication (MFA) security. Often, these attacks are initiated by malicious, or (phishing) email.

Staying Safe from Phishing

Phishing aims to steal credentials and data. Protect yourself:

  1. Beware of unsolicited emails/messages, even if seemingly legitimate. Verify senders.
  2. Check for errors, inconsistencies in branding/logos, and suspicious links/addresses.
  3. Keep software/systems updated with latest security patches.
  4. Never share sensitive info in an email reply unless absolutely certain of the sender's legitimacy.

Vigilance reduces phishing and cyberthreat risks. Fairfield University has enabled MFA for all University Snowflake accounts to protect the University.

More info:


If you have any questions, please contact the Information Security Team by emailing itsecurity@fairfield.edu.



For more information, contact Hank Foss / 2032544058 / hfoss@fairfield.edu