The tl;dr of the Snowflake thing is mass scraping has been happening, but nobody noticed.. and they're pointing at customers for having poor credentials. It appears a lot of data has gone walkies from a bunch of orgs.

Snowflake is a big AI data company with a conference in the US next week, chances of that going ahead are interesting.

IOCs: https://community.snowflake.com/s/article/Communication-ID-0108977-Additional-Information

Snowflake admin users need to check their Snowflake environment, not sec departments check their on prem.

Snowflake: there is absolutely no cybersecurity incident.

Also Snowflake: Please run these commands and look for "threat activity" logins with the user agent "rapeflake" using this knowledge base article we haven't listed on our website.

https://community.snowflake.com/s/article/Communication-ID-0108977-Additional-Information

Live Nation said its stolen database was hosted on Snowflake, a cloud storage and analytics company.

https://techcrunch.com/2024/05/31/live-nation-confirms-ticketmaster-was-hacked-says-personal-information-stolen-in-data-breach/

The deleted Hudson Rock post on Snowflake breach: https://web.archive.org/web/20240531140540/https://hudsonrock.com/blog/snowflake-massive-breach-access-through-infostealer-infection

For the record I don't think all the content is accurate - however Snowflake did have a security incident via their former employee, they have full IR stood up. They didn't follow their own best practices.

I also know multiple orgs who've had their full databases taken from Snowflake.