Over a dozen companies have been hit by data theft attacks after SaaS integration provider Anodot was breached and authentication tokens stolen. The majority of attacks targeted Snowflake customer accounts, with Snowflake confirming unusual activity in a small number of accounts linked to a specific third-party integration. The ShinyHunters extortion gang claimed responsibility, saying they stole data from dozens of companies and are now demanding ransom payments. Attempts to steal Salesforce data were reportedly blocked by AI detection. Payoneer confirmed awareness of the Anodot breach but stated it was not impacted. Google's Threat Intelligence Group is tracking the incident.
Table of contents
Data theft after alleged Anodot breachAutomated Pentesting Covers Only 1 of 6 Surfaces.Sort: