Over 2.3 million consumers have received alerts from Advance Auto Parts about a data breach after their personal information was compromised in recent Snowflake data theft attempts. A threat actor known as "Sp1d3r" allegedly started selling a 3TB database on June 5, 2024, that included 380 million Advance customer records, orders, transaction details, and other private data. Through a Form 8-K statement on June 19, the company acknowledged the breach; nevertheless, it stated that only current and former workers and job candidates are affected.
The incident was part of a broader campaign targeting Snowflake accounts using stolen credentials, which impacted Pure Storage, Los Angeles Unified, Neiman Marcus, Ticketmaster, and Banco Santander. Advance has completed its internal investigation into the incident and has determined that the data breach impacted 2,316,591 million people.
According to the data breach notification samples shared with the authorities, the threat actors maintained unauthorized access to Advance's Snowflake environment for over a month, starting mid-April 2024.
"Our investigation determined that an unauthorized third party accessed or copied certain information maintained by Advance Auto Parts from April 14, 2024, to May 24, 2024. We conducted a detailed review and analysis of the affected information to determine the types of information contained therein and to whom the information relates," reads the notice.
The data stolen by the attackers includes full names, Social Security numbers (SSNs), driver's licenses, and government ID numbers. The company says it collects this information as part of its job application process, so the 2.3 million figure is related to job applicants and former/current employees whose data was stored in the compromised cloud database.
Those impacted are given 12 months of complimentary identity theft protection and credit monitoring services through Experian, and they have until October 1, 2024, to enroll. Potentially impacted individuals are advised to be vigilant for unsolicited communications, monitor their accounts closely, activate fraud alerts, and consider placing a credit freeze.
The 2.3 million figure reported by Advance is a far cry from the threat actor's allegations about 380M records, and the data types confirmed to have been exposed aren't nearly as extensive as what 'Sp1d3r' offered for sale.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.