Credential theft
BleepingComputer
Primary Source
Incident Details
Pure Storage, a leading enterprise cloud storage provider, confirmed on June 11, 2024 that attackers breached its Snowflake workspace as part of the broader UNC5537/Sp1d3r campaign targeting Snowflake customers lacking MFA. The compromised workspace contained telemetry data used for proactive customer support, including customer company names, LDAP usernames, email addresses, and Purity software release versions. No passwords, array credentials, or customer-stored data were compromised. Pure Storage stated there was no evidence of unauthorized access to customer storage systems. The breach was part of the same UNC5537 (ShinyHunters-affiliated) campaign that affected AT&T, Ticketmaster, Santander, and ~160 other organizations.
Technical Details
- Initial Attack Vector: CWE-522: Insufficiently Protected Credentials (infostealer-harvested credentials, no MFA on Snowflake)
- Vendor / Product: Pure Storage Snowflake workspace (telemetry/support)
Timeline
- 2024-05-01 Breach occurred
- 2024-06-11 Publicly disclosed
- 2024-06-11 Customers notified