URL: https://therecord.media/advance-auto-parts-data-breach-2million
Submission: On July 12 via api from TR — Scanned from DE

An Advance Auto Parts store in North Windham, Connecticut. Image: JJBers /
Flickr / CC BY 2.0
Jonathan Greig
July 11th, 2024
ADVANCE AUTO PARTS SAYS MORE THAN 2 MILLION IMPACTED BY DATA BREACH

More than 2.3 million people were impacted by a recent breach affecting Advance
Auto Parts — one of the world’s largest automotive products retailers. 

In filings with regulators in Maine, Vermont, Texas and several other states,
the company said 2,316,591 people had names, Social Security numbers, driver’s
license or other government-issued identification numbers as well as dates of
birth leaked during a May campaign against customers of data storage giant
Snowflake.

Advance Auto Parts previously confirmed that it was one of about 160 companies
impacted by a string of attacks against customers of Snowflake. 

Last month a hacker on a popular cybercriminal forum posted a stolen database
allegedly from Advance Auto Parts that contained information on 380 million
customers. BleepingComputer confirmed that at least some of the data was
legitimate, and Advance Auto Parts told WIRED at the time that it was
investigating the claim. 

In the breach notification letters sent to victims on Wednesday, the company
said that “like many other companies” it discovered the incident affecting
Snowflake customers on May 23. The company said it began an investigation
alongside hired help to look into the breach.   

“Our investigation determined that an unauthorized third party accessed or
copied certain information maintained by Advance Auto Parts from April 14, 2024
to May 24, 2024,” the company said, noting that the review was finished on June
10.  

Victims are being given 12 months of identity protection services. Advance Auto
Parts has more than 4,700 stores across the U.S.


ONE OF MANY

Other affected Snowflake customers include one of the largest school districts
in the US, Neiman Marcus, Santander, Ticketmaster, LendingTree and more.

Investigations by Snowflake and several cybersecurity companies showed that the
data storage platform itself was never hacked — with cybercriminals instead
stealing the login credentials for specific Snowflake accounts with malware.

Cisco Talos expert Nick Biasini recently said the incident highlights a growing
concern defenders have about cybercriminal groups that are stealing and selling
stolen credentials “by the thousands or tens of thousands.”

“These actors operate large scale campaigns, gather, vet, and organize the
credentials they harvest ready to sell to the highest bidder,” he said. “This
ecosystem includes providing tooling for searching and extracting specific types
of data from the logs and validating the credentials before offering.”

TechCrunch reported on a website where cybercriminals could access the Snowflake
login credentials for more than 500 accounts representing large companies like
Ticketmaster and Santander. Cybercriminals used infostealer malware to obtain
the credentials used by employees to access Snowflake databases, the news outlet
reported. 

Mandiant previously said the hacking group behind the Snowflake campaign is
“based in North America, and collaborates with an additional member in Turkey.”

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has
worked across
the globe as a journalist since 2014. Before moving back to New York City, he
worked for news outlets in South Africa, Jordan and Cambodia. He previously
covered cybersecurity at ZDNet and TechRepublic.


© Copyright 2024 | The Record from Recorded Future News