Canada Arrests Man Suspected of Hacks of Snowflake Customers
Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., according to people familiar with the matter.
Following a request from the US, Alexander “Connor” Moucka was taken into custody on a provisional arrest warrant on Oct. 30, according to Canada’s Department of Justice. He is due to appear in court on Tuesday.
Related: Snowflake Hacker Still Active, Finding New Victims, Expert Says
The charges against Moucka weren’t immediately available. “As extradition requests are considered confidential state-to-state communications, we cannot comment further on this case,” said Ian McLeod, spokesperson for Canada’s Department of Justice.
However, two people familiar with the hacks, who asked not to be named so they could discuss confidential matters, have identified Moucka as the person behind the Snowflake-related hacks.
Related: Hacker Says AT&T Paid About $400,000 to Erase Sensitive Data
In addition, Austin Larsen, senior threat analyst at the cybersecurity firm Mandiant, alleged in a statement Monday evening, “Alexander ‘Connor’ Moucka has proven to be one of the most consequential threat actors of 2024.”
Moucka launched a campaign in April against more than 100 organizations, leaving them “reeling from significant data loss and extortion attempts,” Larsen said. He added that it “highlighted the alarming scale of harm a single individual can cause using off-the-shelf tools.
Related: Hackers Demand as Much as $5 Million From Snowflake Clients
Neither Moucka nor his attorney could be reached for comment.
When asked about the arrest over the weekend, the FBI declined to comment. The US Justice Department also declined to comment.
Companies including AT&T Inc., Live Nation Entertainment Inc. and Advance Auto Parts Inc. disclosed that they’d been affected by the attacks in June and July. In some cases, the hacker — or hackers as it is not clear if others were involved — attempted to extort the companies by threatening to sell the data on criminal forums if they didn’t pay up, according to cybersecurity analysts at Alphabet Inc.’s Google.
The attacks resulted in the theft of millions of people’s personal data. The hacker used stolen credentials that were available in places like cybercriminal forums to access customer accounts, which lacked security measures such as multifactor authentication, Snowflake has said.
A person claiming to be behind the attacks spoke with Bloomberg News over Telegram earlier this year, saying that they were hoping to get $20 million for the full set of data they had stolen. No evidence suggests that bulk data was sold.
Top photo: The Cryptospace conference in Moscow, Russia, December 8, 2017. Cryptospace Conference, Eastern Europes largest conference dedicated to blockchain technology and cryptocurrencies, will take place in Moscow between December 8 and 9 where all the crypto enthusiasts and experts will gather to share their thoughts and exchange valuable information.
- Report: Wearable Technology May Help Workers’ Comp Insurers Reduce Claims
- Sedgwick Eyes Trends and Risks in 2025 Forecast
- Report: Millions of Properties May be Underinsured Due to Multiple Undetected Structures
- Coming Soon to Florida: New State-Fed Program to Elevate Homes in Flood Zones