Malware
Advance Auto Parts Reveals Devastating Data Breach: Employee Information Compromised
Advance Auto Parts has confirmed a data breach that exposed employee information, including social security numbers. Though the company hasn’t disclosed the scale of the breach, it is offering affected employees a year of free credit monitoring and identity theft protection services.
It’s official: Advance Auto Parts has fallen victim to a data breach. We discovered this when a hacker tried to sell the stolen data on a hacking forum earlier this month. This is no small-time company either—Advance operates thousands of stores across North America and the Caribbean.
What happened?
Earlier this month, we reported that a hacker going by the name ‘Sp1d3r’ was selling data they claimed to have stolen during recent cyberattacks. The data appeared to be associated with Advance Auto Parts, so we tried to get in touch with the company. Despite multiple attempts, we never received a response.
But now, thanks to an SEC filing spotted by a security researcher, Advance Auto Parts has finally confirmed that their data was indeed stolen from a third-party cloud database environment.
“On May 23, 2024, Advance Auto Parts, Inc. (the “Company”) identified unauthorized activity within a third-party cloud database environment containing Company data and launched an investigation with industry-leading experts,” reads the filing.
What’s at stake?
According to Advance, the stolen files contain personal information of both current and former employees, as well as job applicants. This includes sensitive data like social security numbers and other government identification numbers.
When we investigated the data leak, we also found employees’ full names and email addresses, along with what appears to be customer information such as names and email addresses.
What’s being done about it?
Advance says they will send data breach notifications to those affected and offer free credit monitoring and identity restoration services as necessary. It’s not clear at this time if this will be provided to exposed customers as well as employees.
In the meantime, the company has reported that they’ve incurred $3 million in expenses due to the incident.
Don’t be a victim—protect your data!
This breach is just another reminder of the importance of robust cybersecurity measures. If you’re concerned about the safety of your personal or business data, don’t hesitate to reach out to us for expert advice and solutions. And be sure to keep coming back for the latest updates on cybersecurity news and trends. Together, we can stay one step ahead of the hackers!