Snowflake Faces Dual Pressure from Securities Litigation and New Data Breach Allegations

Snowflake Inc. is facing renewed scrutiny as of April 11, 2026, following significant developments in a federal securities class action lawsuit and new allegations of a data breach involving high-profile clients. The cloud data warehousing company is currently managing legal challenges regarding its past financial disclosures while simultaneously addressing claims from a hacking group regarding the security of its third-party integrations.

The securities class action, which is proceeding in the U.S. District Court for the Northern District of California, alleges that Snowflake and its former executive leadership misled investors about the company’s revenue growth trajectory. The lawsuit specifically names former Chief Executive Officer Frank Slootman and current Chief Financial Officer Michael Scarpelli. According to the filings, the plaintiffs contend that Snowflake executives made false statements regarding the sustainability of the company’s consumption-based revenue model during the 2023 and 2024 fiscal periods. The litigation asserts that the company failed to disclose that its product revenue growth was being negatively impacted by shifts in customer usage patterns and that its internal forecasts showed a more pronounced slowdown than what was communicated to the public. During the period in question, Snowflake’s year-over-year product revenue growth slowed from over 50% to approximately 33%, a transition that plaintiffs argue was obscured by misleading guidance.

In a separate but concurrent development, the hacking collective known as ShinyHunters claimed on April 11 that it successfully accessed Snowflake instances belonging to Rockstar Games. The group alleges that the breach was made possible through a compromise of Anodot, a third-party platform used by companies to monitor business metrics and cloud costs. ShinyHunters claims to have obtained administrative credentials from Anodot’s systems, which allowed them to bypass security layers and access data stored within Snowflake’s environment. This incident follows a series of similar claims made against Snowflake’s customer base in previous years, though the involvement of a third-party intermediary like Anodot introduces new complexities regarding the company's shared responsibility security model.

Snowflake issued a brief statement today acknowledging the reports but maintained that there is no evidence of a direct compromise of its own corporate network. The company emphasized that it has required multi-factor authentication for all users since a policy change in 2024 and urged customers to audit their third-party service permissions. Anodot has not yet released a formal technical report regarding the alleged credential theft. These events occur as Snowflake continues its strategic shift under CEO Sridhar Ramaswamy, who assumed the role in February 2024. The convergence of these legal and security issues represents a critical juncture for the company’s corporate governance and data protection reputation.