Top carmaker Advance Auto Parts confirms stolen data for sale following Snowflake attack


The recent Snowflake breach is slowly but surely turning into the next major global cybersecurity event after another major company confirmed having its sensitive data taken.

Following recent incidents affecting Santander and Ticketmaster, American automotive aftermarket parts provider Advance Auto Parts appears to have had three terabytes of data stolen and put up for sale online.

The company primarily operates in the United States, Puerto Rico, the U.S. Virgin Islands, and Canada. It supplies replacement automotive parts, accessories, batteries, and maintenance items for both professional installers and do-it-yourself (DIY) customers. The company operates more than 4,500 stores and more than 300 Worldpac branches. 

No official confirmation

According to BleepingComputer, which confirmed the authenticity of at least some of the data, the threat actor stole 380 million customer profiles (names, emails, mobile phones, postal addresses, and more); 140 million customer orders; 44 million loyalty / gas card numbers; auto parts and part numbers; sales history; employment candidate information with Social Security Numbers (SSN), driver’s license numbers, and demographic details; and transaction tender details.

Finally, the threat actor is selling information on 358,000 employees. Since Advance Auto Parts counts fewer than 70,000 employees, this could also include former workers.

The hacker, alias Sp1d3r, is selling the database for $1.5 million. The company has yet to make a formal announcement or file an 8-K form with the SEC.

Earlier this month, Ticketmaster notified the SEC of a breach in which sensitive information on more than 500 million users was allegedly stolen. In the filing, the company said it “identified unauthorized activity within a third-party cloud database environment,” with a spokesperson telling the media the cloud service provider was Snowflake.

Snowflake later said it wasn’t to blame for the incident. In a forum thread posted on June 2, Snowflake representatives said a preliminary investigation, conducted by both CrowdStrike and Mandiant, suggested this was a credential stuffing attack, and not a system vulnerability being exploited.

Snowflake has almost 10,000 customers, including high-profile organizations such as Adobe, AT&T, Kraft Heinz, Mastercard, Micron, Capital One, Doordash, HP, Nielsen, Novartis, Okta, PepsiCo, Siemens, and many others.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
