Today: xAI's new Grok 4 model looks impressive assuming you can ignore everything else about the company, MCP's security flaws are becoming apparent, and the latest enterprise moves.
Today: Why CoreWeave just shelled out $9 billion in stock for Core Scientific, Ingram Micro begins to recover from a holiday weekend ransomware attack, and the latest funding rounds in enterprise tech.
Snowflake CEO: Default multifactor authentication is coming soon
Snowflake will outline a plan to require all customers to use additional security protections "within the coming days" after a spate of high-profile security breaches involving customers that didn't take that step.
SAN FRANCISCO — After a week during which growing numbers of Snowflake customers reported data breaches after failing to use multifactor authentication to secure their accounts, CEO Sridhar Ramaswamy said Thursday that the company plans to require customers to use the additional protection in the near future.
"It's clear that we have to do something about this," Ramaswamy said in an interview with Runtime on the last day of the Snowflake Data Cloud Summit. Snowflake has been urging customers all week to turn on MFA security features for their accounts, "but I think making this programmatic is the next logical step we do need to take," he said.
Several high-profile Snowflake customers — including Ticketmaster parent company Live Nation and Santander, one of the largest banks in the world — have recently reported data breaches that security experts have linked to Snowflake accounts that lacked multifactor authentication. Techcrunch reported Wednesday that "hundreds" of login credentials stolen from Snowflake customers are available for sale in hacking forums, suggesting that this issue could become much more widespread in coming days.
Given that a lot of Snowflake customers use automated service accounts to run tasks, the problem is more complex than simply throwing a switch to require MFA in order to access data in Snowflake, Ramaswamy said. However, the company will outline a plan to address those accounts "in the coming days," he said.
Backed by statements from security companies Mandiant and Crowdstrike, Snowflake has insisted that the breach was not caused by any software vulnerability or security issue in its software. However, other cloud software companies require their customers to turn on the additional protections afforded by MFA; Microsoft will require Azure customers to use MFA starting in July, and GitHub mandated MFA use in January.
Tom Krazit has covered the technology industry for over 20 years, focused on enterprise technology during the rise of cloud computing over the last ten years at Gigaom, Structure and Protocol.
Today: dbt Labs' decision to go with a source-available license for its new Fusion product gets a vote of confidence from Snowflake, Windsurf faces a headwind, and the latest enterprise moves.
Today: Snowflake introduces new tools that promise to help companies find nuggets of insight in their corporate data, Thoma Bravo gears up for the coming wave of AI startup buyouts, and the latest funding rounds in enterprise tech.
Today: Ahead of this year's Snowflake/Databricks annual events, a look at the push to unify Delta Lake and Iceberg, Salesforce snaps up Informatica, and the latest funding rounds in enterprise tech.
Last year at the Databricks Data & AI Summit Ghodsi pledged to bring Delta Lake and Iceberg together in a "USB-C format" for data. The communities behind both formats have made progress toward that goal, but the last mile is tricky, and new tools could let end users worry about other problems.
