“We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach. This incident has no impact on our organization or our players.”
Anyone familiar with "Snowflake" enough to say what sort of data was typically hosted there? Judging by the website and the lack of specifics about the data, I'm guessing it's less about assets, artifacts and stuff like that, and more about financial data and general/generic "business" stuff?
I mean technically you can stuff documents into a column with the BINARY datatype provided they are under 67 MB each, but it's not really meant to be used as a document store.
The top comment says -
"NEVER EVER PAY RANSOM MONEY. Please. Even if your business will suffer it will suffer a lot more if you do pay since now it is known you'll cave. Also: you are making the problem larger for others."
The top response to that comment says -
"From their blog: https://protonmaildotcom.wordpress.com/ At around 2PM, the attackers began directly attacking the infrastructure of our upstream providers and the datacenter itself. The coordinated assault on our ISP exceeded 100Gbps and attacked not only the datacenter, but also routers in Zurich, Frankfurt, and other locations where our ISP has nodes. This coordinated assault on key infrastructure eventually managed to bring down both the datacenter and the ISP, which impacted hundreds of other companies, not just ProtonMail.
At this point, we were placed under a lot of pressure by third parties to just pay the ransom, which we grudgingly agreed to do at 3:30PM Geneva time to the bitcoin address 1FxHcZzW3z9NRSUnQ9Pcp58ddYaSuN1T2y. This was a collective decision taken by all impacted companies, and while we disagree with it, we nevertheless respected it taking into the consideration the hundreds of thousands of Swiss Francs in damages suffered by other companies caught up in the attack against us. We hoped that by paying, we could spare the other companies impacted by the attack against us, but the attacks continued nevertheless. This was clearly a wrong decision so let us be clear to all future attackers – ProtonMail will NEVER pay another ransom. "
Full thread here -
It sounds perverse but the incentives require it: if payment didn't bring resolution, no one would pay. As a result, all of the big gangs avoid scamming.
Way back when, it was a pretty common screwup to accidentally saturate the nodes you were packeting from. So then your C&C couldn't get them to respond, either. Oops.
I've just started Darknet Diaries podcast. So great.
When I worked on electronic medical records, I assumed it was just a matter of time until we were hacked (too). All the most banal reasons: many vendors, shared passwords, root/admin access, etc.
I imagine things haven't improved much since.
If 6 leaks before release, though, that's a completely different story. I can imagine them actually paying a ransom if that happened.
The only thing I can imagine is the story would get spoiled on the internet, but that's about it.
It would be dramatically easier to discover and exploit vulnerabilities/glitches in their multiplayer experience, which is their cash cow.