The data set allegedly also includes information about 358,000 employees and candidates\u2014which is a lot more than are currently employed by Advance Auto Parts (69,000 in 2023).<\/p>\n
The cybercriminal is asking $1.5 Million for the data set.<\/p>\n Advance Auto Parts has not disclosed any information about a possible data breach and has not responded to inquiries. But BleepingComputer confirms<\/a> that a large number of the Advance Auto Parts sample customer records are legitimate.<\/p>\n Interestingly enough, the seller claims in their post that the data comes from Snowflake, a cloud company used by thousands of companies to manage their data. On May 31st, Snowflake said<\/a> it had recently observed and was investigating an increase in cyber threat activity targeting some of its customers\u2019 accounts. It didn\u2019t mention which customers.<\/p>\n At the time, everybody focused on Live Nation \/ Ticketmaster<\/a>, another client of Snowflake which said it had detected unauthorized activity within a \u201cthird-party cloud database environment\u201d containing company data.<\/p>\n The problem allegedly lies in the fact that Snowflake lets each customer manage the security of their environments, and does not enforce multi-factor authentication (MFA)<\/a>.<\/p>\n Online media outlet TechCrunch says<\/a> it has:<\/p>\n \u201cSeen hundreds of alleged Snowflake customer credentials that are available online for cybercriminals to use as part of hacking campaigns, suggesting that the risk of Snowflake customer account compromises may be far wider than first known.\u201d<\/p>\n<\/blockquote>\n TechCrunch also says it found more than 500 credentials containing employee usernames and passwords, along with the web addresses of the login pages for Snowflake environments, belonging to Santander, Ticketmaster, at least two pharmaceutical giants, a food delivery service, a public-run freshwater supplier, and others.<\/p>\n Meanwhile, Snowflake has urged its customers to immediately switch on MFA for their accounts.<\/p>\n There are some actions you can take if you are, or suspect you may have been, the victim of a data breach<\/a>.<\/p>\n While the Advance Auto Parts data has yet to be confirmed, it\u2019s likely you\u2019ve had other personal information exposed online in previous data breaches. You can check what personal information of yours has been exposed with our Digital Footprint portal. Just enter your email address (it\u2019s best to submit the one you most frequently use) to our\u00a0free Digital Footprint scan<\/a>\u00a0and we\u2019ll give you a report.<\/p>\n![\"post](\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2024\/06\/For_sale_AAP_redacted.jpg\")
\n
Protecting yourself after a data breach<\/h2>\n
\n
Check your exposure<\/h2>\n