Mastodon Feed
jsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
“The hackers were able to use those credentials, they say, to access the Snowflake accounts because the Snowflake accounts didn’t require multifactor authentication (MFA) to access them. (MFA requires that users type in a one-time temporary code in addition to a username and password, making accounts that use MFA more secure.)”
https://www.wired.com/story/epam-snowflake-ticketmaster-breach-shinyhunters/