Start United States USA — software The Snowflake breach tells us that passwords aren't enough

The Snowflake breach tells us that passwords aren't enough

218
0
TEILEN

Are we ready for a passwordless world?
Snowflake Inc. is a US-based cloud storage provider that supplies some worldwide organizations with data servers. Some of its clients include banks, supermarket chains, mobile operators, and more. Hundreds of Snowflake customers have been the target of a serious hack about a month ago, which experts believe may turn into one of the biggest data breaches ever.
Ticketmaster and Santander are some of the big names to have been affected. Cybercriminals allegedly used stolen login credentials to illegally access companies‘ accounts, with hundreds of Snowflake customer passwords reportedly found online.
While all the collateral damages aren’t yet clear at the time of writing, we do know something—passwords alone aren’t enough to secure an account nowadays. Snowflake itself is now urging all customers to enable MFA (multi-factor authentication). Is it finally the time to enter into a passwordless world? Less password, more security
The obvious elephant in the room here is that it’s very common for people to reuse the same password across their different accounts. Let’s face it, we all have been guilty of doing this. Hackers are aware of this bad habit and keep exploiting it to their advantage.
Cybercriminals might launch phishing attacks to try to inject info-stealer malware and, well, steal your credentials. It may be also the case that a small website you don’t even remember making a profile on gets hacked at some point.
Once stolen login details are collected, attackers use a tactic known as „credential stuffing“, for which they enter thousands of these stolen passwords and email addresses across various platforms on the lookout for a potential match.

Continue reading...