Advance Auto Parts tied up in Snowflake breaches

As reported on:

Advance Auto Parts is investigating a potential data breach linked to the recent Snowflake cyber incident, a spokesperson said yesterday.

Why it matters: A recent listing on a dark web hacker forum suggests that malicious actors may have stolen information about at least 380 million customers from the automotive supply retail chain.

What they’re saying: “We are aware of reports that Advance may be involved in a security incident related to Snowflake,” Advance spokesperson Darryl Carr told Axios. “We have not experienced any impact to our operations or systems.”

The big picture: Hackers have been targeting cloud computing company Snowflake’s customers who didn’t have multi-factor authentication turned on.

  • Snowflake has said that a recent string of data breaches was not tied to a vulnerability on its systems, company breach or product misconfigurations.
  • Ticketmaster has said that a recent data breach affecting at least 500 million people was tied to a database stored with Snowflake.
  • TechCrunch reported this week on the discovery of a dark web database that appears to include legitimate Snowflake customers’ credentials, stolen via infostealer malware.