Cloud provider Pure Storage has been affected by the recently compromised accounts at Snowflake, potentially compromising customer data. Pure Storage, which provides a variety of cloud storage systems and services, disclosed that telemetry data used for customer support may have been accessed by the attacker. This data includes company names, LDAP usernames, email addresses, and details about the Pure Storage software used.
Pure Storage’s customers include high-profile organizations such as Meta, NASA, and Comcast. The breach in the Snowflake environment is similar to recent incidents involving TicketMaster and QuoteWizard, where data was also stolen. According to Pure Storage, the telemetry data in question is used for proactive customer support and does not include critical information such as passwords for array access or any data stored on customer systems.
Pure Storage issued an official response:
“Following a thorough investigation, Pure Storage has confirmed and addressed a security incident involving a third party that had temporarily gained unauthorized access to a single Snowflake data analytics workspace. The workspace contained telemetry information that Pure uses to provide proactive customer support services.”
The company emphasized that “the workspace did not include compromising information such as passwords for array access, or any of the data that is stored on the customer systems. Such information is never and can never be communicated outside of the array itself, and is not part of any telemetry information. Telemetry information cannot be used to gain unauthorized access to customer systems.”
Pure Storage took immediate steps to block further unauthorized access and stated, “we see no evidence of unusual activity on other elements of the Pure infrastructure. Pure is monitoring our customers’ systems and has not found any unusual activity. We are currently in contact with customers who similarly have not detected unusual activity targeting their Pure systems.”
The security company Mandiant, which has investigated several similar incidents, noted that data theft in these cases often involves malware on both work and personal systems used by contractors. In a recent TechCrunch report, Mandiant said that 165 Snowflake customers might have been affected by these attacks. Pure Storage has engaged a leading cybersecurity firm to investigate the incident, which validated their findings about the scope of the breach.
