Another Snowflake Customer (LendingTree) Confirms a Data Breach

Published on June 10, 2024
Written by:
Lore Apostol
Lore Apostol
Infosec Writer & Editor

Cloud data analysis company Snowflake is allegedly connected to yet another of its customers' data breaches, as the QuoteWizard subsidiary of loan comparison site LendingTree has confirmed having its data stolen. Customers waiving the use of multi-factor authentication (MFA) may have allowed cybercriminals into their Snowflake environments.

Megan Greuling, a spokesperson for LendingTree, confirmed the company uses Snowflake for its business operations, and the cloud data firm reached out to announce that LendingTree subsidiary QuoteWizard may have had data impacted by this incident. 

The loan comparison site launched an internal investigation. “As of this time, it does not appear that consumer financial account information was impacted, nor information of the parent entity, LendingTree,” Greuling said.

Snowflake has said little about the LendingTree security incident besides restating that its own systems haven’t been breached. The company has previously mentioned a former employee’s “demo” account was compromised and continues to say that not using MFA, previous data breaches, and credentials stolen from info-stealing malware are at fault for the breach of its customers’ environments.

It’s important to note MFA is not mandatory nor default for Snowflake user accounts.

QuoteWizard is the newest company to announce a data breach. Hackers had claimed to have stolen a sizable number of customer records from two of Snowflake’s biggest clients, Santander Bank and Ticketmaster. The credentials may have been stolen by info-stealing malware on employee computers with access to their employer’s Snowflake environment.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: