
If one breach exposed all of their data, they don't practice the well-known security (since ancient times) technique of never having all your goodies in one location.



The attack vector was an exposed Snowflake instance.

Snowflake's entire business model is based on selling the idea of "data lakes", "data warehouses", etc...

The basic premise of data lakes, etc, is to replicate and dump all your company data into easily queryable database instances, like Snowflake. I'm not disagreeing that this is a stupid thing to do, but just pointing out that this is something basically every Fortune 500 company is doing. Because big data is cool. (Or was cool)

Specifically since the article called out no 2fa... I'm actually very surprised how difficult 2fa is to set up with Snowflake. It's been 2-3 years since I set up a Snowflake instance, but I remember there being no obvious or easy way to enable it. (I wanted it on, but at the time enabling it was a multi-hour task, not just a setting to enable)


One password fail should never expose everything.

2fa is not the answer. The answer is compartmentalization. Just like a battleship is divided into many watertight compartments, because someone will poke a hole in it.

The Titanic needed 6 compartments to be breached before it was in danger of sinking.
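As an added illustration of the compartmentalization point (this is example code, not written by any commenter here), the script below models a warehouse as a set of datasets and the credentials that can read them, then computes the blast radius of a single leaked credential. The dataset and credential names are constructed for the example; the policy check at the end is the kind of audit that catches a "convenient" cross-dataset credential quietly re-creating the single point of failure.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Credential:
    name: str
    grants: frozenset  # dataset names this credential can read


@dataclass(frozen=True)
class Warehouse:
    datasets: frozenset
    credentials: tuple


def exposure(warehouse: Warehouse, leaked: set) -> set:
    """Datasets an attacker can read once the named credentials have leaked."""
    exposed = set()
    for cred in warehouse.credentials:
        if cred.name in leaked:
            exposed |= cred.grants
    return exposed


def worst_single_leak(warehouse: Warehouse) -> float:
    """Fraction of the estate the single most powerful credential exposes."""
    return max(len(c.grants) for c in warehouse.credentials) / len(warehouse.datasets)


def over_scoped(warehouse: Warehouse, max_grants: int = 1) -> list:
    """Audit check: credentials spanning more compartments than policy allows."""
    return sorted(c.name for c in warehouse.credentials if len(c.grants) > max_grants)


# Constructed dataset names standing in for a real warehouse's tables.
DATASETS = frozenset({"customers", "billing", "call_records", "hr"})

# One credential for the whole ETL job: every dataset behind a single password.
MONOLITHIC = Warehouse(DATASETS, (Credential("etl_service", DATASETS),))

# One credential per compartment: a leak of any one is bounded to its own bulkhead.
COMPARTMENTED = Warehouse(
    DATASETS,
    tuple(Credential(f"etl_{name}", frozenset({name})) for name in sorted(DATASETS)),
)

# The compartmented design after someone added a cross-dataset reporting credential.
DRIFTED = Warehouse(
    DATASETS,
    COMPARTMENTED.credentials + (Credential("reporting", frozenset({"customers", "billing"})),),
)

if __name__ == "__main__":
    for label, wh in (("monolithic", MONOLITHIC), ("compartmented", COMPARTMENTED), ("drifted", DRIFTED)):
        print(f"{label:13s} worst single leak = {worst_single_leak(wh):.2f}  over-scoped = {over_scoped(wh)}")
```

The useful number to track over time is `worst_single_leak`: with one shared ETL credential it is 1.0, with per-dataset credentials it is 0.25, and the moment a two-dataset reporting credential appears the audit flags it and the worst case doubles to 0.5.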



