HQ/EMEAFind out how we can help your business
AutoZone, one of the industry’s most significant automotive spare parts providers, is warning its customers about a data breach incident caused by the Clop MOVEit file transfer attacks that could compromise their information.
AutoZone, an automotive and spare parts provider in the US, operates an extensive network of 7,140 shops across the country and in Brazil, Mexico, and Puerto Rico. This company has an impressive annual revenue of nearly $17.5 billion. Moreover, it is home to about 119 employees, and its online store draws in 35 million users monthly.
Earlier this year, the Clop ransomware group exploited a zero-day MOVEit vulnerability, causing widespread breaches in organisations globally. The group has also included double extortion and data leaks that impacted millions of individuals. The automotive company reported to US authorities earlier this week that it fell victim to these attacks on May 28, 2023, compromising the data of nearly 190,000 people.
AutoZone rolled out notification letters to explain the unfortunate event.
According to the notification letter distributed by AutoZone to affected individuals, an unauthorised party has exploited a flaw associated with MOVEit, exfiltrating specific data from their system supporting the MOVEit application.
The company thoroughly analysed the affected system and claimed the compromised data could have potential impacts. Specifically, the automotive company identified that exploiting the MOVEit application vulnerability resulted in the exfiltration of specific information. It took an additional three months for the company to confirm the nature of the stolen data and identify those impacted individuals.
The letter shared by the company with authorities skipped details about the compromised data type. However, the Office of the Maine Attorney General revealed references to “full names” and “social security numbers.”
On the other hand, AutoZone has covered the cost of identity theft protection services for the letter recipients, urging them to remain vigilant for the next 24 months and report any suspicious incidents to law enforcement agencies.
Recipients of the notification letters should be extra cautious with any unsolicited communications starting today, as threat actors could likely use the stolen data to execute phishing attacks and social engineering operations.
