Slowly but surely the Snowflake incident is turning into a MOVEit-level event, as yet another company comes forward with information of stolen sensitive data – this time Pure Storage.
In a new announcement published earlier this week, the data storage firm said that unauthorized third parties accessed its Snowflake workspace and stole telemetry information, which includes some sensitive customer data, too.
“Following a thorough investigation, Pure Storage has confirmed and addressed a security incident involving a third party that had temporarily gained unauthorized access to a single Snowflake data analytics workspace,” the company said in a post on its customer support page. “The workspace contained telemetry information that Pure uses to provide proactive customer support services. That information includes company names, LDAP usernames, email addresses, and the Purity software release version number.”
Monitoring client systems
Fortunately, Pure Storage further explained that the workspace did not include passwords for array access, or any of the data stored on customer systems.
“Such information is never and can never be communicated outside of the array itself, and is not part of any telemetry information. Telemetry information cannot be used to gain unauthorized access to customer systems,” it confirmed.
Following the discovery of the breach, the company moved to block further access, it said, adding that there is no evidence of unusual activity on other elements of its IT infrastructure. Furthermore, it found no evidence of “unusual activity” on any of the customer systems it monitored.
“We are currently in contact with customers who similarly have not detected unusual activity targeting their Pure systems,” the announcement concludes.
Pure Storage is a major data storage platform, with high-profile clients include Meta, Ford, JP Morgan, Nasa, Equinix, and Comcast.
Via BleepingComputer
More from TechRadar Pro
Services Marketplace – Listings, Bookings & Reviews