Canadian authorities have arrested a man on suspicion he breached hundreds of accounts belonging to users of cloud storage provider Snowflake and used that access to steal personal data belonging to millions of people, authorities said Tuesday.

"Following a request by the United States, Alexander Moucka (aka Connor Moucka) was arrested on a provisional arrest warrant on Wednesday, October 30, 2024," an official with the Canada Department of Justice wrote in an email Tuesday. "He appeared in court later that afternoon, and his case was adjourned to Tuesday, November 5, 2024. As extradition requests are considered confidential state-to-state communications, we cannot comment further on this case."

Word of the arrest first came from Bloomberg News and was later confirmed by 404 Media.

The Snowflake compromise came to light in late May, following the disclosure by Live Nation that data held by its Ticketmaster group had been stolen and put up for sale online. The data included the full names, addresses, phone numbers, and partial credit card numbers for 560 million Ticketmaster customers. Live Nation later told TechCrunch the data had been stored in an account on Snowflake.

Mandiant, a Google-owned security firm Snowflake retained to investigate the breach has said that 165 customers of the cloud storage provider may have had data stolen during that spree. Data purporting to be taken from many customers was later put up for auction online, creating major risks for the breached companies and the individual holders of that personal data.

Mandiant went on to say that all the compromises it had tracked were the result of login credentials for Snowflake accounts being stolen by infostealer malware and stored in vast logs, sometimes for years at a time, before eventually making their way into the hands of the threat actors who used them in the individual breaches.