Advance Auto Components has confirmed it suffered a data breach after a risk actor tried to promote stolen information on a hacking discussion board earlier this month.
Advance operates 4,777 shops and 320 Worldpac branches and serves 1,152 independently owned Carquest shops in america, Canada, Puerto Rico, the U.S. Virgin Islands, Mexico, and varied Caribbean islands.
Earlier this month, BleepingComputer reported {that a} risk actor named ‘Sp1d3r’ started promoting information they claimed was stolen through the current Snowflake data-theft assaults.
Supply: BleepingComputer
BleepingComputer contacted Advance a number of instances concerning the alleged data breach, however they by no means responded to our emails.
Nonetheless, in an SEC submitting first noticed by security researcher pancak3, Advance Auto Components confirmed that their information was stolen from a third-party cloud database atmosphere.
“On Could 23, 2024, Advance Auto Components, Inc. (the “Firm”) recognized unauthorized exercise inside a third-party cloud database atmosphere containing Firm information and launched an investigation with industry-leading consultants,” reads Type 8-Ok submitting launched on Friday.
“On June 4, 2024, a prison risk actor provided what it alleged to be Firm information on the market. The Firm has notified regulation enforcement.”
After investigating the stolen information, Advance says they imagine they comprise private data for present and former workers and job candidates, together with social security numbers and different authorities identification numbers.
Pattern information leaked by the risk actor and seen by BleepingComputer additionally included workers’ full names and e mail addresses. The information additionally included what’s believed to be buyer data, together with e mail addresses and names.
Advance says they may ship data breach notifications to these impacted and supply free credit score monitoring and identification restoration providers as crucial. It’s unclear if this can be just for workers right now or for uncovered clients as properly.
The corporate states that they’ve incurred $3 million in bills as a result of incident.
