https://community.appian.com/support/w/kb/3549/kb-2310-information-about-the-snowflake-credential-incidenten-USTelligent Community 12https://community.appian.com/support/w/kb/3549/kb-2310-information-about-the-snowflake-credential-incidentTue, 04 Jun 2024 13:17:32 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:100cec6f-cb86-467e-a09b-9e8c18bc7b80Ryan Goodhttps://community.appian.com/support/w/kb/3549/kb-2310-information-about-the-snowflake-credential-incident#commentsCurrent Revision posted to Appian Knowledge Base by Ryan Good on 6/4/2024 1:17:32 PM<br /> <h2 id="mcetoc_1hvhma8f22"><span style="font-weight:400;">Summary</span></h2> <p><span style="font-weight:400;"></span><span style="font-weight:400;">On 31-May-2024, a<span>&nbsp;</span></span><a href="https://www.mitiga.io/blog/tactical-guide-to-threat-hunting-in-snowflake-environments"><span style="font-weight:400;">threat advisory</span></a><span style="font-weight:400;"><span>&nbsp;</span>was published detailing that threat actors were observed using stolen customer credentials to target organizations utilizing Snowflake databases. Snowflake has since<span>&nbsp;</span></span><a href="https://community.snowflake.com/s/question/0D5VI00000Emyl00AB/detecting-and-preventing-unauthorized-user-access"><span style="font-weight:400;">published a response</span></a><span style="font-weight:400;"><span>&nbsp;</span>stating their partnership with CrowdStrike and Mandiant in conducting a forensic investigation, and detailing preliminary findings and mitigating steps.</span></p> <p><span style="font-weight:400;">Snowflake is not natively used within Appian Cloud. Any Appian Cloud customers utilizing Snowflake via integration should contact Snowflake directly to determine impact. Appian will continue to monitor the situation and provide any updates as appropriate.</span></p> <h2 id="mcetoc_1hvhm9djo1"><span style="font-weight:400;">Supporting Documentation:</span></h2> <ul> <li style="font-weight:400;"><a href="https://www.mitiga.io/blog/tactical-guide-to-threat-hunting-in-snowflake-environments"><span style="font-weight:400;">https://www.mitiga.io/blog/tactical-guide-to-threat-hunting-in-snowflake-environments</span></a></li> <li style="font-weight:400;"><a href="https://community.snowflake.com/s/question/0D5VI00000Emyl00AB/detecting-and-preventing-unauthorized-user-access"><span style="font-weight:400;">https://community.snowflake.com/s/question/0D5VI00000Emyl00AB/detecting-and-preventing-unauthorized-user-access</span></a><span style="font-weight:400;"><br /></span></li> </ul> <h2 id="mcetoc_1hvhm7e4q0"><span style="font-weight:400;">Affected Versions</span></h2> <p><span style="font-weight:400;">This article applies to all supported versions of Appian.</span></p> <p><span style="font-weight:400;">Last reviewed:<span>&nbsp;</span></span><span style="font-weight:400;">June 4, 2024</span></p><div style="clear:both;"></div> https://community.appian.com/support/w/kb/3549/kb-2310-information-about-the-snowflake-credential-incident/revision/1Tue, 04 Jun 2024 13:12:18 GMTd3a83456-d57b-489c-a84c-4e8267bb592a:100cec6f-cb86-467e-a09b-9e8c18bc7b80Ryan Goodhttps://community.appian.com/support/w/kb/3549/kb-2310-information-about-the-snowflake-credential-incident#commentsRevision 1 posted to Appian Knowledge Base by Ryan Good on 6/4/2024 1:12:18 PM<br /> <p><span style="font-weight:400;"></span><span style="font-weight:400;">On 31-May-2024, a </span><a href="https://www.mitiga.io/blog/tactical-guide-to-threat-hunting-in-snowflake-environments"><span style="font-weight:400;">threat advisory</span></a><span style="font-weight:400;"> was published detailing that threat actors were observed using stolen customer credentials to target organizations utilizing Snowflake databases. Snowflake has since </span><a href="https://community.snowflake.com/s/question/0D5VI00000Emyl00AB/detecting-and-preventing-unauthorized-user-access"><span style="font-weight:400;">published a response</span></a><span style="font-weight:400;"> stating their partnership with CrowdStrike and Mandiant in conducting a forensic investigation, and detailing preliminary findings and mitigating steps.</span></p> <p><span style="font-weight:400;">Snowflake is not natively used within Appian Cloud. Any Appian Cloud customers utilizing Snowflake via integration should contact Snowflake directly to determine impact. Appian will continue to monitor the situation and provide any updates as appropriate.</span></p> <p><span style="font-weight:400;">Supporting Documentation:</span></p> <ul> <li style="font-weight:400;"><a href="https://www.mitiga.io/blog/tactical-guide-to-threat-hunting-in-snowflake-environments">https://www.mitiga.io/blog/tactical-guide-to-threat-hunting-in-snowflake-environments</a></li> <li style="font-weight:400;"><span style="font-weight:400;"><a href="https://community.snowflake.com/s/question/0D5VI00000Emyl00AB/detecting-and-preventing-unauthorized-user-access">https://community.snowflake.com/s/question/0D5VI00000Emyl00AB/detecting-and-preventing-unauthorized-user-access</a></span></li> </ul> <h2 id="mcetoc_1hvhm0sm80"><span style="font-weight:400;">Affected Versions</span></h2> <p><span style="font-weight:400;">This article applies to all supported versions of Appian.</span></p> <p><span style="font-weight:400;">Last reviewed: </span><span style="font-weight:400;">June 4, 2024</span></p><div style="clear:both;"></div>