A major cloud storage company recently suffered a significant data breach that quickly became one of the largest in history, serving as a wake-up call for businesses to ensure their data compliance efforts are up to date and to closely monitor which third parties have access to their data. The Snowflake hack, announced in May, resulted in the theft and exposure of customer data from companies across a range of industries. This data breach shows that even the most tech-savvy companies are vulnerable and that a small breach can quickly cascade and affect millions of customers. What do you need to know about this incident? What are the 5 things you should do if you are hit by a data breach?
Snowflake suffers massive data breach
Snowflake, a cloud-based data platform that provides data storage, processing, and analytics services, suffered a major data breach that was announced on May 30. Hackers exploited weaknesses in the company’s customer account security system to access and steal millions of bank account numbers, credit card numbers, and other customer and staff data from Snowflake’s high-profile client accounts. Since the attack, cybercriminals have been blackmailing victims and selling the stolen data on the dark web.
Snowflake became a big target when it went public in 2020, raising more than $3 billion in the largest IPO ever for a software company. Since then, the company has worked with many well-known companies to store and analyze their data. Snowflake’s platform serves over 10,000 customer accounts worldwide and receives billions of data queries every day. Given its vast amount of user data, significant revenue, and industry visibility, it’s clear why Snowflake was an attractive target for hackers.
I’ve been breached – what do I do next?
Unfortunately, the key question regarding data breaches in businesses is not “if” but “when.” So while prevention is an important imperative, it is not the only important one. Equally important is how you respond when a breach occurs. While not an exhaustive list, at a minimum, businesses should consider the following steps when dealing with a data breach:
- Stop the breach and take it offline: To prevent the breach from worsening, take immediate steps to secure your network and change your network access authorizations.
- Initiate your incident response plan: If you have an incident response plan, ensure that you implement it promptly, including mobilizing your breach response team. Your protocols should include procedures that allow for rapid investigation and remediation of a breach. You should also consider whether to notify law enforcement. Your legal counsel can assist you with this procedure.
- Contact a lawyer: Legal counsel can assist with analyzing and complying with data breach notification and other reporting obligations arising from a breach, and can also help oversee and guide outside vendors investigating breaches. Counsel’s guidance to vendors can help ensure that communications related to the investigation are privileged, which can be helpful in the event of any subsequent litigation related to the breach.
- Identify the types of information affected. Determine the nature of the data at issue and how the breach affected that data, and evaluate any applicable legal requirements or regulations. Consult legal counsel when making this determination.
- Contact your service provider: If a service provider is responsible for the breach (such as a web security company, website builder, third-party payment processor, or similar company), review the applicable contract to determine the parties’ obligations. If appropriate, verify that the provider investigated, remediated, and responded to the breach. You should also reevaluate the provider’s access permissions to verify that the vulnerability was actually remediated by the provider.
Conclusion
As technology continues to evolve, so do the ways in which data breaches can occur. The bottom line: No matter your industry, you must be ready to constantly adjust and modify your data security and privacy practices to comply with legal obligations and protect yourself from increasingly sophisticated cyber attacks.
