Advance Auto Parts, Inc., a major supplier of automotive aftermarket components in the United States, has recently disclosed a data breach to the US Securities and Exchange Commission (SEC). The announcement of the Advance Auto Parts data breach was initially made by The Cyber Express on June 6, 2024.
According to the company’s report to the SEC, the data breach occurred through its third-party cloud storage provider, leading to unauthorized access to consumer and policyholder information. On June 14, in a filing to the SEC, Advance Auto Parts stated, “On May 23, 2024, Advance Auto Parts, Inc. identified unauthorized activity within a third-party cloud database environment containing Company data and initiated an investigation with industry-leading experts. On June 4, 2024, a criminal threat actor claimed to have Company data for sale. The Company has informed law enforcement.”
The threat actor, known as “Sp1d3r,” claimed to have stolen three terabytes of data from the company’s Snowflake cloud storage and was offering it for sale on the dark web for $1.5 million. The stolen information reportedly included 380 million customer profiles, details on 358,000 employees, 44 million Loyalty/Gas card numbers, sales history, and other sensitive information.
In their filing, Advance Auto Parts assured that there was no significant disruption to the company’s business operations due to the breach. They acknowledged that some compromised files contained personal information, such as social security numbers, of current and former employees. The company pledged to provide affected parties with free credit monitoring and identity restoration services.
While the company is covered by insurance, they estimated potential damages from the cyberattack to reach up to $3 million. Advance Auto Parts plans to incur about $3 million in expenses for response and remediation costs in the quarter ending July 13, 2024, as outlined in their communication to the SEC.
With 4,777 stores and 320 Worldpac branches across the United States, Canada, Puerto Rico, and the U.S. Virgin Islands, Advance Auto Parts is a prominent presence in the automotive aftermarket industry. The data breach incident is part of a wave of attacks targeting customers of Snowflake, a leading US-based cloud data storage and analytics provider. Since at least mid-April 2024, Snowflake has been dealing with a series of cyberattacks affecting a limited number of customers.
Snowflake has acknowledged the security issue and notified customers who may have been impacted by the breaches. The company, serving over 9,800 global clients, has seen some customers take their databases offline in response to the cyber threats. A recent report revealed that 165 customers were affected by the Snowflake data breach, underscoring the severity and scale of the incident.
In July 2023, the US Securities and Exchange Commission mandated companies to disclose material cybersecurity incidents and provide annual disclosures on cybersecurity risk management, strategy, and governance. This regulatory directive aimed to enhance transparency and accountability in the handling of cybersecurity threats by organizations operating in the United States.