Undisclosed Charges Against Alleged Hackers of Snowflake Customers

(Bloomberg) — Charges against two men suspected of cyberattacking Snowflake Inc.’s customers were unsealed, providing new details about the breaches.

Connor Riley Moucka, who lives in Canada, and John Erin Binns, who lives in Turkey, were accused last month of infiltrating the computer networks of at least 10 organizations, stealing sensitive data and threatening to leak this information if the victims are not reached. He paid a ransom and offered it for sale to other criminals, according to prosecutors.

While the US did not disclose the identity of Snowflake or its victimized customers, the “Victim-1” description in the indictment is similar to the company. The indictment describes Victim-1 as a US-based software-as-a-service provider that allows customers to upload and store data on online storage media.

Lawyers for Moucka and Binns could not immediately be reached for comment.

A representative for Snowflake declined to comment. The charges were announced Friday, according to a person familiar with the case.

Other victims were a major US-based telecommunications company, which the US accused Moucka and Binns of accessing “approximately 50 billion customer call and test records, including numbers dialed for commercial advantage”.

According to the indictment, the victims include a major retailer, an entertainment company and a healthcare provider, as well as a European company with staff in the United States.

According to prosecutors, the hackers used software they identified as “rapeflake” to access their victims’ cloud computing environment.

AT&T Inc., Live Nation Entertainment Inc. and Advance Auto Parts Inc. Companies such as have previously announced that they were affected by the attacks in June and July.

More stories like this available Bloomberg.com