Canadian authorities have arrested Alexander “Connor” Moucka, suspected of breaching over 100 companies by exploiting weaknesses in cloud provider Snowflake.
Operating under the alias “Judische,” the hacker reportedly infiltrated Snowflake accounts lacking multi-factor authentication, targeting 165 organizations including AT&T and Neiman Marcus. The attacker stole sensitive consumer data, leveraging infostealer malware dating back to 2020.
Moucka allegedly extorted victim companies, demanding ransoms while also selling data to other hackers, and boasted of $2 million in earnings. However, errors like revealing his system information in a ransom video helped investigators track him.
Google’s Mandiant team played a pivotal role, identifying 300 indicators linking the suspect to the hacks and collaborating with US and international law enforcement. While the charges remain confidential, the arrest highlights critical lapses in cloud security and the importance of robust authentication protocols.