Determining the Potential Data Attack Surface and Reducing the Blast Radius in Light of the Snowflake News | Cyera Blog

Industry reports indicate an active campaign targeting Snowflake customers where attackers use credentials exfiltrated by infostealer malware to access accounts configured with single-factor authentication. Snowflake and responders recommend enforcing MFA, restricting network access, and rotating credentials; the report also promotes using data-classification tools (Cyera) to identify users with access to sensitive data who lack MFA.