Have I Been Pwned has disclosed a data breach that exposed the personal information of almost 57 million retail customers of Hot Topic, Torrid, and Box Lunch. Roughly 54 million email addresses and the credit card information of 25 million customers were linked to a hacker using the alias “Satanic.” The Hot Topic breach has been tied back to the wider series of Snowflake-related incidents that exposed large amounts of customer data.
Experts from Traceable AI and Spektion have provided commentary on the breach and its implications below.
Dr. Katie Paxton-Fear, API Researcher, Traceable AI
“This isn’t the first breach that’s involved the data platform Snowflake. Snowflake allows organizations to easily operationalize their data, giving them access to capabilities that can be inaccessible to many organizations. But having so much data in one tool will make it extremely enticing to malicious actors. Before implementing and operationalizing these kinds of data ingest platforms with customer data, recognize where third-party tools might need more scrutiny when it comes to security.
We can take a number of lessons from this breach: First, ensuring only those who need access have it, and enabling multifactor authentication, could have provided some protection when it came to gaining access to Snowflake. Second, ensuring that Snowflake and other third-party tools are configured securely. Finally, practicing data minimization could limit the damage so that fewer customers were affected. It’s important to recognize that infostealer malware and double ransom attacks are extremely common, and every organization should have an incident response plan that covers these types of attacks.”
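The three lessons above (least-privilege access plus MFA, secure configuration of the platform, and data minimization) map onto concrete Snowflake controls. The following Snowflake SQL is an added example written for this page; it is not code from the article or from either commentator. The queries read the SNOWFLAKE.ACCOUNT_USAGE views that every account exposes; the IP ranges, user, role, table and policy names are placeholders (assumptions), and the CREATE AUTHENTICATION POLICY statement assumes the account is on a Snowflake release that supports authentication policies.

```sql
-- Run as a role that can read SNOWFLAKE.ACCOUNT_USAGE (e.g. ACCOUNTADMIN).
-- All object names, IP ranges and thresholds below are placeholders.

-- 1. Find active users who can still log in with a password but have no MFA.
--    EXT_AUTHN_DUO reports enrolment in Snowflake's built-in (Duo-based) MFA.
SELECT name, login_name, email, default_role, last_success_login
FROM snowflake.account_usage.users
WHERE deleted_on IS NULL
  AND NOT disabled::BOOLEAN
  AND has_password = TRUE
  AND ext_authn_duo = FALSE
ORDER BY last_success_login DESC NULLS LAST;

-- 2. Hunt for password-only logins in the last 30 days. A stolen password
--    (the infostealer scenario) shows up here as FIRST_AUTHENTICATION_FACTOR
--    = 'PASSWORD' with no second factor, often from an unfamiliar IP.
SELECT user_name,
       client_ip,
       reported_client_type,
       COUNT(*)             AS logins,
       MIN(event_timestamp) AS first_seen,
       MAX(event_timestamp) AS last_seen
FROM snowflake.account_usage.login_history
WHERE event_timestamp >= DATEADD(day, -30, CURRENT_TIMESTAMP())
  AND is_success = 'YES'
  AND first_authentication_factor = 'PASSWORD'
  AND second_authentication_factor IS NULL
  AND client_ip NOT LIKE '203.0.113.%'   -- placeholder corporate egress range
GROUP BY user_name, client_ip, reported_client_type
ORDER BY last_seen DESC;

-- 3. Least privilege: list users who hold administrative roles directly,
--    then revoke what is not justified (placeholder user name).
SELECT grantee_name AS user_name, role, created_on
FROM snowflake.account_usage.grants_to_users
WHERE deleted_on IS NULL
  AND role IN ('ACCOUNTADMIN', 'SECURITYADMIN', 'SYSADMIN')
ORDER BY role, user_name;

REVOKE ROLE accountadmin FROM USER analyst_jdoe;

-- 4. Secure configuration: restrict where logins may come from and require
--    MFA enrolment for human users. The network policy rejects logins from
--    any address outside the allowed list; the authentication policy prompts
--    password users to enrol in MFA on their next sign-in.
CREATE NETWORK POLICY corp_and_ci_only
  ALLOWED_IP_LIST = ('203.0.113.0/24', '198.51.100.10')   -- placeholders
  COMMENT = 'Corporate VPN egress plus the CI runner';
ALTER ACCOUNT SET NETWORK_POLICY = corp_and_ci_only;

CREATE AUTHENTICATION POLICY require_mfa
  MFA_ENROLLMENT = REQUIRED
  COMMENT = 'Human users must enrol in MFA';
ALTER ACCOUNT SET AUTHENTICATION POLICY require_mfa;

-- Service accounts cannot do MFA: move them to key-pair auth and drop the
-- password so a leaked credential file is useless on its own.
ALTER USER etl_svc SET RSA_PUBLIC_KEY = '<PEM body of the service public key>';
ALTER USER etl_svc UNSET PASSWORD;

-- 5. Data minimization at the column level: even a role that can query the
--    orders table sees only the last four digits of a card number unless it
--    is explicitly allowed to see the full value.
CREATE MASKING POLICY mask_pan AS (val STRING) RETURNS STRING ->
  CASE
    WHEN CURRENT_ROLE() IN ('PAYMENTS_OPS') THEN val
    ELSE '************' || RIGHT(val, 4)
  END;
ALTER TABLE retail.orders MODIFY COLUMN card_number SET MASKING POLICY mask_pan;
```

Queries 1 and 2 are the ones to run first after an incident like this: query 1 tells you how large the password-only population is, and query 2 tells you whether any of those accounts were used from outside your normal address space while the stolen credentials were live. The ACCOUNT_USAGE views lag real-time activity by up to a few hours, so for a live investigation pair them with the INFORMATION_SCHEMA LOGIN_HISTORY table function. The masking policy does not reduce what is stored, so it complements, rather than replaces, deleting or tokenizing card data that the business no longer needs.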
Joe Silva, CEO, Spektion
“Enterprises of all sizes and technical abilities are facing new challenges in third-party risks as vulnerabilities and software supply chain targeting increase. The Snowflake-related incidents highlight how third-party vendor risk isn’t just confined to vulnerabilities in the software itself, but also in its configuration. In this case, authentication configurations in Snowflake can also introduce risk, so understanding your third-party software risk means taking all of this into account.”

