Canadian authorities have arrested Alexander “Connor” Moucka, a man suspected of stealing data from hundreds of millions of people by targeting over 165 organizations that were customers of the cloud storage company Snowflake.
Moucka, who also goes by the online aliases “Waifu” and “Judische,” was arrested on Wednesday, October 30, 2024, at the request of the United States. He appeared in court the same day, with the case adjourned to November 5, 2024. The arrest stems from an investigation into a series of breaches that have left numerous individuals vulnerable.
According to Canada’s Department of Justice, Moucka’s arrest was a part of a joint operation involving Snowflake, Mandiant, and CrowdStrike. These organizations uncovered that an attacker, initially tracked as UNC5537, had been using infostealer malware to steal customer credentials. The attacker targeted companies that had failed to configure multi-factor authentication (MFA) on their Snowflake accounts.
While only 165 organizations were affected by this breach, Snowflake serves over 9,400 customers, including some of the largest companies worldwide such as Mastercard, Micron, NBC Universal, Capital One, Adobe, AT&T, Kraft Heinz, Doordash, HP, Okta, PepsiCo, Siemens, US Foods, Western Union, and Yamaha.
The breach, which began in April 2024, has had far-reaching consequences, exposing the sensitive information of millions. A few notable breaches tied to this attack include Ticketmaster, which confirmed the theft of data from 560 million customers, and AT&T, which reported that call logs from 109 million of its mobile customers were stolen. Other affected organizations include Santander, Neiman Marcus, and Pure Storage.
In response to the rising threat, Snowflake has now implemented stricter security measures. Starting in October 2024, the company will enforce multi-factor authentication (MFA) for all newly created accounts and will require passwords to be at least 14 characters long. These moves aim to prevent future breaches and ensure better protection of sensitive data stored on its platform.
Moucka’s arrest marks a significant step in combating the growing issue of cybercrime, with authorities working to address the scale of these sophisticated data breaches.
