Advance Auto Parts, an auto parts retailer with stores across the United States, has been hit by a data breach affecting more than 2.3 million customers.
The incident is reportedly linked to other data breaches, including the recent one at Ticketmaster.
Advance Auto Parts confirmed that cyber attackers were able to access information such as Social Security numbers, driver’s license and other government issued identification numbers.
For security alerts and expert tips, sign up for KURT’s newsletter, The Cyberguy Report, here.
Advance Auto Parts Store (Advance Auto Parts)
Identification and scope of violation
On June 19, Advance Auto Parts acknowledged that it was affected by a data breach, but that only current and former employees and job applicants were at risk. Advance has now completed its internal investigation into the incident and has determined that 2,316,591 people were affected.
Click here to get FOX Business on the go
Breach Timeline and Details
“Following an investigation, it was determined that between April 14, 2024 and May 24, 2024, certain information stored by Advance Auto Parts was accessed or copied by an unauthorized third party,” the company said. Notification sent by Advance Auto Parts To affected individuals: “We have conducted an in-depth review and analysis of the affected information to determine the type of information it contains and who it pertains to.”
Disclosed information
The company confirmed that the breach gave hackers access to data such as names, Social Security numbers, driver’s license and government ID numbers, but since this data was collected as part of Advance’s hiring process, it appears that only employee and applicant data was exposed.
How to remove your personal information from the internet
Possible hacker involvement
While Advance has not revealed the name of the hacker responsible for the attack, a threat actor known as “Sp1d3r” began selling the massive 3 terabyte database on June 5, 2024. The database purportedly contains 380 million Advance customer records, including orders, transaction details, and other sensitive information. While the figure Sp1d3r claims is significantly lower than the 2.3 million figure reported by Advance, it is possible that Sp1d3r was behind the attack.
Part of a larger attack
Hackers accessed Advance Auto Parts’ data stored on the cloud storage service Snowflake over a period of more than a month, beginning in mid-April 2024. The incident is reported to be part of a larger attack targeting Snowflake accounts using stolen credentials. Other companies affected by this campaign include Pure Storage, Ticketmaster, etc.
Click here to read more US news
Exterior of Advance Auto Parts store (Advance Auto Parts)
What ruthless hackers stole from 110 million AT&T customers
How is Advance Auto Parts responding to the breach?
Advance Auto Parts says it immediately stopped the unauthorized access and has taken preventative measures to prevent future unauthorized access. The company also notified law enforcement and is working with third-party cybersecurity experts to further harden its systems.
Affected individuals will also be offered 12 months of free credit monitoring and identity theft protection, which they can sign up for by October 1, 2024.
Advance Auto Parts did not respond to a request for comment by deadline.
Car Motor (Kurt “Cyberguy” Knutson)
World’s largest database of stolen passwords uploaded to crime forum
7 preventative measures to deal with the Advance Auto Parts data breach
If you believe you have been affected by the Advance Auto Parts data breach, please follow these steps to protect yourself and your personal data.
1. Stay up to date: Keep checking the latest news about the Advance Auto Parts data breach and other reliable sources to stay aware of the status of your systems and services.
2. Monitor your accounts and transactions. Regularly check your online accounts and transactions for suspicious or fraudulent activity. If you notice anything unusual, report it to your service provider or the authorities as soon as possible. Also, check your credit report and credit score for signs of fraudulent activity. Identity Theft Or fraud.
3. Use identity theft protection: Identity theft protection companies can monitor your personal information, such as your home ownership, social security number, phone numbers, and email addresses, and alert you if it’s being used to open accounts. They can also help you freeze bank and credit card accounts to prevent further fraud by criminals. Check out these tips and best choices for protecting yourself against identity theft.
4. Change your password. Advance Auto Parts says no personal information such as phone numbers or email addresses was leaked, but recommends changing your passwords. Password Manager Generate and store complex passwords.
5. Beware of phishingPlease pay special attention to: Phishing scams Cyber attacks often lead to an increase in phishing emails and phone calls trying to exploit the situation. The best way to protect yourself from clicking on malicious links that could install malware that could access your personal information is to install strong antivirus protection on all your devices. This will also alert you to phishing emails and ransomware scams. We’ve handpicked the winners of the best antivirus protection of 2024 for Windows, Mac, Android and iOS devices.
6. Be careful with mailbox communicationBad actors can also commit mail fraud. Data leaks give them access to your address. They can impersonate people or brands you know and use themes that require urgent action, such as delivery delays, account suspensions, and security alerts.
7. Invest in personal data deletion services: No service promises to delete all your data from the Internet, but if you want to constantly monitor and automate the process of continually deleting information from hundreds of sites over a long period of time, a deletion service can be a useful tool. Check out my recommended data deletion services here.
Confidential patient information exposed in data breach at major pharmaceutical company
Important points about the cart
Hackers have begun targeting large companies with their attacks. Cyberattack paralyzed CDK GlobalNow, the automotive industry has been hit again by an attack on Advance Auto Parts. These companies need to strengthen their systems to prevent such attacks from affecting them. Also, the government needs to enact laws that prohibit the retention of customer personal information unless necessary.
Click here to get the FOX News app
How important is a company’s cybersecurity track record to you when deciding where to shop? Let us know in the comments below. Cyberguy.com/Contact Us.
If you want to receive more of my tech tips and security alerts, subscribe to the free CyberGuy Report newsletter at the link below. Cyberguy.com/Newsletter.
Have a question for Kurt or tell us the story you’d like to see featured?.
Follow Kurt on his social channels
Answers to the CyberGuy’s most frequently asked questions:
Copyright 2024 CyberGuy.com. All Rights Reserved.
