Advance Auto Parts, Inc., a major supplier of automobile aftermarket components, has reportedly been the victim of a significant data breach. The breach, claimed by a threat actor using the pseudonym “Sp1d3r,” is said to have resulted in the theft of three terabytes of data from the company’s Snowflake cloud storage. The stolen data is allegedly being offered for sale for a sum of US$1.5 million.
According to the threat actor, Sp1d3r, the post-breach data includes a plethora of sensitive information such as 380 million customer profiles, 44 million Loyalty/Gas card numbers, details of 358,000 employees (despite the company currently employing around 68,000 people), auto parts and part numbers, customer orders, sales history, employment candidate information (including Social Security numbers and driver’s license numbers), transaction tender details, and over 200 tables of various data.
The threat actor has specified that a middleman is required to facilitate the sale of the stolen data, and transactions will not be conducted via Telegram. The discrepancy in the number of employee records suggests that the data may also include information on former employees and associates.
To verify the claims made by the threat actor, The Cyber Express Team reached out to officials for a response, but as of the time of this report, no confirmation or denial has been received. Therefore, the accuracy of the claims remains to be confirmed.
Advance Auto Parts operates thousands of stores and branches primarily in the United States, as well as in Canada, Puerto Rico, and the U.S. Virgin Islands. They also have independently owned Carquest branded stores across various locations, including Mexico and the Caribbean islands.
The data breach at Advance Auto Parts is part of a string of cyberattacks targeting customers of Snowflake, a cloud storage company. These attacks have been ongoing since mid-April 2024, and despite Snowflake acknowledging the issue, specific details about the nature of the cyberattacks or any stolen data have not been disclosed.
This incident follows a previous breach involving Live Nation, the parent company of Ticketmaster, where hackers claimed to have stolen personal details of 560 million customers, with the stolen data being hosted on Snowflake’s cloud storage. Snowflake and cybersecurity experts from CrowdStrike and Mandiant are currently investigating the extent of the breach and working to mitigate its impact.
The full implications of the data breach on Advance Auto Parts and other companies using Snowflake’s services are yet to be determined. With Snowflake’s extensive client base and the volume of data they manage, the fallout from these attacks could be significant. Affected individuals are advised to monitor their personal information closely, and companies should follow cybersecurity best practices to safeguard their data against potential threats.
In conclusion, the severity of the data breach at Advance Auto Parts underscores the ongoing challenges faced by companies in protecting sensitive information in the digital age. As investigations continue and efforts to secure data intensify, the impact of this breach will likely reverberate throughout the cybersecurity landscape.