While social media platforms and industry news media are flooded with opinions, speculation and advice, two issues are of immediate concern: what can the firms involved, as well as their customers, do to prevent future breaches and patch up all current weak points now?

• Snowflake has already announced its decision to enable multi-factor authentication (MFA) by default for all newly created Snowflake customer accounts. This is likely due to experts’ findings that the login credentials that were being stored insecurely in logs for an extended period of time. This had facilitated an easy theft by infostealer malware that had found its way into the system, according to Patrick Tiquet, Vice President, Security and Compliance, Keeper Security. “This breach highlights the critical importance of basic cybersecurity measures, including the use of strong, unique credentials, secure credential storage and the value of MFA. The latter is not as universally applied as it should be, due to a number of factors: inconvenience; lack of awareness; perceived complexity and more. This can be overcome through the use of “a secure password manager that not only creates high-strength random passwords for every website, application and system, but also enables strong forms of MFA. A password manager can store MFA codes and autofill them, providing a seamless user experience by eliminating the second step to ensure accounts are protected with the highest level of security,” Tiquet said.
• Twilio has already fixed the unauthenticated endpoint involved. However, the damage has only just started: the data being sold online now will eventually spell negative implications for affected users, who are now at a significantly heightened risk of phishing attacks and SIM swapping,according to Darren Guccione, CEO and co-founder, Keeper Security. His advice is for affected users to be vigilant, and to know the signs of phishing attacks in order to prevent falling victim to imminent attacks using their stolen personal information. (See below for Guccione’s phishing vigilance advice).
  
  According to one ethical hacker, an API endpoint that accepts data and gives responses on that data needs to be covered with both authentication and authorization processes — otherwise, that endpoint is an internal cybersecurity threat. Apparently, since the application in question is an MFA tool, hackers had been monitoring what phone numbers had been used for signup with the tool, and then performing a SIM swap to get the MFA code sent to another phone. Also, they are theorized by another cybersecurity expert to have fed a gigantic list of phone numbers from other data breaches in to an Authy API endpoint to see which numbers would be listed as being associated with an account. This vetted phone numbers could then be paired with other leaked information to identify targets for SIM swaps.

• Requests for personal information: Sudden requests for personal information are also a common phishing attempt indicator. If you receive an email, text message, or phone call from an unknown number claiming to be a company or someone you know, think twice before giving out your personal information — especially if you were not the one who initiated the conversation.
• Misspellings and grammatical errors: Before corporations send out emails to customers, the content usually goes through multiple rounds of reviews to ensure there are no errors. If you receive an email claiming to be from a company or individual and you notice errors, it is best not to click on anything in the email because it could be a phishing attempt.