A threat actor has surfaced, claiming to be selling a vast database allegedly belonging to Advance Auto Parts (AAP). The purported data, amounting to a staggering 3TB, reportedly originates from AAP’s Snowflake data warehouse and includes a wealth of sensitive information.
According to the threat actor, the database encompasses:
- 380 Million Customer Profiles: Including names, emails, mobile numbers, phone numbers, addresses, and more.
- 140 Million Customer Orders: Detailing purchase histories.
- 44 Million Loyalty / Gas Card Numbers: Accompanied by customer details.
- 358,000 Employee Records: Containing employment details.
- Auto Parts Information: Including part numbers.
- Sales History: Comprehensive records of transactions.
- Employment Candidate Information: Featuring Social Security Numbers (SSNs), drivers license numbers, and demographic details.
- Transaction Tender Details: Information about payment methods and transactions.
- Over 200 Tables of Data: Spanning various aspects of the business.
Purchase Information
Price: $1.5 Million USD
Conditions: The sale requires a middleman to facilitate the transaction.
If the claims are valid, this breach could have significant ramifications for Advance Auto Parts, potentially compromising the privacy and security of millions of customers and employees. The company, known for its extensive network of automotive parts and services, might face severe consequences, including legal challenges and loss of customer trust.
