(Bloomberg) -- Online lending platform LendingTree Inc. is investigating whether it was a victim of the bigger hacking campaign against clients of cloud-based data analytics firm Snowflake Inc.

LendingTree uses Snowflake for its business operations and was notified by the company that its QuoteWizard subsidiary may have been affected, company spokesperson Megan Greuling said in a statement. “It does not appear that consumer financial account information was impacted, nor information of the parent entity, LendingTree,” Greuling said. 

A hacking group has used stolen login details to access the Snowflake accounts of as many as 165 Snowflake customers and steal data, according to Google’s Mandiant security business, which helped lead Snowflake’s inquiry. The cybercriminals are demanding payments of $300,000 to $5 million apiece from as many as 10 companies breached in the campaign, Mandiant has said. 

“We take these matters seriously, and immediately after hearing from them we launched an internal investigation,” Greuling said, while declining to answer any additional questions because the investigation is ongoing. 

Separately, the Los Angeles Unified School District, the second-largest public school system in the US, confirmed that data stored by external vendors on Snowflake has been stolen. A malicious actor has since purportedly sought to sell student and employee data, a district spokesperson said.

The theft was consistent with recent incidents involving Snowflake accounts, the spokesperson said, but the district has found no evidence that its systems were directly breached in the hacking campaign. The district is working with the FBI and other federal agencies as well as private partners to investigate the breach. 

(Updates with Los Angeles schools incident in the final two paragraphs)

©2024 Bloomberg L.P.