Companies are looking at the lessons to be learned from the latest cybersecurity breaches. Data cloud company Snowflake has announced plans to make multi-factor authentication (MFA) mandatory for customers in light of recent attacks.
The use of multi-factor authentication (MFA) could prevent as much as 80–90% of cyber-attacks, according to figures cited by the US national security cyber chief.
In an updated statement published to Snowflake’s community forums on June 1 jointly with CrowdStrike and Mandiant, Snowflake claimed no evidence had been identified suggesting activity was “caused by compromised credentials of current or former Snowflake personnel.” However, the vendor said a threat actor “obtained personal credentials to and accessed demo accounts belonging to a former Snowflake employee” and noted the demo accounts did not contain sensitive data.
Snowflake CEO Sridhar Ramaswamy announced in June plans to allow administrators of Snowflake accounts to make multi-factor authentication (MFA) mandatory. Several high-profile Snowflake customers (including Ticketmaster parent company Live Nation and Santander, one of the largest banks in the world) have reported data breaches linked to Snowflake accounts that lacked MFA. TechCrunch reported that it has viewed more than 500 stolen credentials posted online, containing usernames, passwords and URLs of the Snowflake login pages.
Next steps to ensure stronger cybersecurity protocols go beyond MFA, however. There are multiple lessons to be learned for companies from this recent spate of breaches.
- Start With MFA and Then Go Beyond: Multi-factor authentication (MFA) adoption is lacking. Companies should enforce MFA and use additional security measures like device-based authentication for sensitive infrastructure.
- Use Access Control Lists to Limit Authorized IP Addresses: Implementing access control lists (ACLs) can restrict access to cloud services and help spot anomalies. Reviewing access logs daily is crucial.
- Maximize Visibility Into Cloud Services: Continuously monitor applications, log data, and access activity. Alert on specific behaviors or threats to detect and prevent attacks.
- Don’t Rely on Your Cloud Providers’ Defaults: Cloud providers often prioritize usability over security. Customers should not rely on default settings and should enforce their own security measures.
- Check Your Third Parties: Ensure third-party providers with access to your data are following proper security practices, as they may use services like Snowflake that could expose your data to risk.
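The MFA, ACL and daily log-review points above can be combined into one check. The following is an added example, not code from Snowflake or from the article's sources: it flags logins that come from outside an authorized IP list or that succeeded with a password alone. The record field names, the allowlisted networks and the sample records are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# Assumption: networks the organization has authorized in its ACL (documentation ranges).
ALLOWED_NETWORKS = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.16/28")]

# Constructed sample login records; field names are hypothetical, not a vendor schema.
SAMPLE_LOGINS = [
    {"user": "etl_svc", "ip": "198.51.100.20", "mfa": False, "success": True},
    {"user": "alice", "ip": "203.0.113.18", "mfa": True, "success": True},
    {"user": "bob", "ip": "192.0.2.77", "mfa": False, "success": True},
    {"user": "bob", "ip": "192.0.2.77", "mfa": False, "success": False},
    {"user": "carol", "ip": "not-an-ip", "mfa": True, "success": True},
    {"user": "alice", "ip": "192.0.2.9", "mfa": True, "success": True},
]

def in_allowlist(ip_text):
    """True only if ip_text parses and falls inside an authorized network."""
    try:
        addr = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # an unparseable source address is treated as outside the ACL
    return any(addr in net for net in ALLOWED_NETWORKS)

def review_logins(records):
    """Return (findings, per-user finding counts) for a daily log review."""
    findings = []
    for rec in records:
        reasons = []
        if not in_allowlist(rec["ip"]):
            reasons.append("source IP outside ACL")
        # A password-only success is flagged even from an allowed network,
        # because stolen credentials work wherever MFA is not enforced.
        if rec["success"] and not rec["mfa"]:
            reasons.append("successful login without MFA")
        if reasons:
            findings.append({"user": rec["user"], "ip": rec["ip"], "reasons": reasons})
    per_user = Counter(f["user"] for f in findings)
    return findings, per_user

if __name__ == "__main__":
    findings, per_user = review_logins(SAMPLE_LOGINS)
    for f in findings:
        print(f"{f['user']:8} {f['ip']:15} {'; '.join(f['reasons'])}")
    print(dict(per_user))
```

Service accounts such as the constructed `etl_svc` entry show up here even though they sit inside the allowlist, which is where password-only access tends to persist longest.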
The Cybersecurity and Infrastructure Security Agency of the U.S. government (CISA) recommends that all organizations start planning a move to Fast Identity Online (FIDO), because when a malicious cyber actor tricks a user into logging into a fake website, the FIDO protocol will block the attempt.