• 0 Posts
  • 14 Comments
Joined 1 year ago
cake
Cake day: July 29th, 2023

help-circle







  • we have not identified evidence suggesting this activity was caused by compromised credentials of current or former Snowflake personnel;

    we did find evidence that a threat actor obtained personal credentials to and accessed demo accounts belonging to a former Snowflake employee. It did not contain sensitive data. Demo accounts are not connected to Snowflake’s production or corporate systems.

    They’re claiming that no breach occured on any production systems. If they were really just demo accounts, then skipping the MFA is understandable.







  • My guess would be the response text is passed through a rudimentary templating engine that looks for { and }. Somehow it must be processing the whole chat history. The templater fails at the unexpected braces in the code block and then just gives up (probably a try-catch ignores the error and sends the message anyway).