Snowflake Breach at Advance Auto Parts Hits 2.3 Million People

Security

A leading US car parts provider has revealed that a high-profile data breach earlier in 2024 will impact over two million job applicants and current and former employees.

Advance Auto Parts is said to operate nearly 5000 stores and employ around 70,000 people across North America.

A breach notification letter filed with the Office of the Attorney General (OAG) of Maine revealed that “an unauthorized third party accessed or copied certain information maintained by Advance Auto Parts from April 14, 2024, to May 24, 2024.”

This threat actor accessed the data by compromising the firm’s Snowflake environment, in the same campaign that victimized Ticketmaster, Santander, Neiman Marcus and over 160 other organizations.

Read more on Snowflake incident: Ticketmaster Confirms Breach Potentially Impacting 560 Million Users.

Compromised data includes full names, Social Security numbers (SSNs), driver’s licenses, and government ID numbers – enough for threat actors to craft convincing follow-on phishing attacks and identify fraud campaigns.

The company is offering 12 months free identity theft protection and credit monitoring services through Experian, to those impacted by the breach.

Back in June, Advance Auto Parts acknowledged the incident in a sparse Form 8-K filing with the SEC last month.

A threat actor with the moniker “Sp1d3r” posted to a cybercrime forum in June, claiming to have 3TB of data to sell, including 380 million customer profiles. They were originally asking for $1.5m for the trove.

According to Mandiant, Snowflake accounts were compromised via credentials which had previously been stolen by infostealer malware. Those who had their accounts accessed did not have multi-factor authentication (MFA) in place, it said.

Other victims of the same campaign have been publicly threatened on cybercrime forums. A threat actor with the moniker “Sp1d3rHunters” leaked tens of thousands of print-at-home tickets obtained from Ticketmaster, as well as barcodes to 170,000 tickets for Taylor Swift’s Eras Tour in a bid to extort the company.

Products You May Like

Articles You May Like

Fake Donald Trump Assassination Story Used in Phishing Scam
Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia
Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices
Microsoft Seizes 240 Websites to Disrupt Global Distribution of Phish Kits
Chinese APT Group Targets Telecom Firms Linked to Belt and Road Initiative

Leave a Reply

Your email address will not be published. Required fields are marked *