[ad_1]
AutoZone, a US-based retailer and distributor of automotive spare parts and accessories, has warned its customers that their data has been compromised as part of the Clop MOVEit file transfer attacks. The retailer told the authorities that it was targeted in the Clop ransomware gang‘s MOVEit attacks earlier this year.
As per a breach notification submitted to the Office of the MaineAttorney General, the data leak from the auto parts retailer affected 184,995 individuals.The notification mentioned that the hackers obtained personal information, such as full names and social security numbers.
“AutoZone became aware that an unauthorised third party exploited a vulnerability associated with MOVEit and exfiltrated certain data from an AutoZone system that supports the MOVEit application,” reads the notification.
The company operates 7,140 shops in the United States, as well as in Brazil, Mexico, and Puerto Rico.
In May earlier this year, the Clop ransomware gang exploited and targeted thousands of organisations worldwide. The hackers took advantage of a vulnerability in MOVEit, a file transfer software, to attack over 2,000 organisations, affecting 62 million people. They followed up with double extortion and data leaks that impacted millions of people.
AutoZone became aware that it was a victim of the Clop attack in August, but it was only recently that they identified the affected data. However, Clop claimed responsibility for an attack on AutoZone in July, where they leaked 1.1GB of internal and employee data from the automotive retailer, according to Bleeping Computer.
“We have performed an analysis of the affected system and associated data to determine whether your information was potentially impacted.” said the company. “More specifically, on or about August 15, 2023, AutoZone determined that the exploitation of the vulnerability in the MOVEit application had resulted in the exfiltration of certain data.”
The retailer is covering the cost of identity theft protection services for those affected.
As per a breach notification submitted to the Office of the MaineAttorney General, the data leak from the auto parts retailer affected 184,995 individuals.The notification mentioned that the hackers obtained personal information, such as full names and social security numbers.
“AutoZone became aware that an unauthorised third party exploited a vulnerability associated with MOVEit and exfiltrated certain data from an AutoZone system that supports the MOVEit application,” reads the notification.
The company operates 7,140 shops in the United States, as well as in Brazil, Mexico, and Puerto Rico.
In May earlier this year, the Clop ransomware gang exploited and targeted thousands of organisations worldwide. The hackers took advantage of a vulnerability in MOVEit, a file transfer software, to attack over 2,000 organisations, affecting 62 million people. They followed up with double extortion and data leaks that impacted millions of people.
AutoZone became aware that it was a victim of the Clop attack in August, but it was only recently that they identified the affected data. However, Clop claimed responsibility for an attack on AutoZone in July, where they leaked 1.1GB of internal and employee data from the automotive retailer, according to Bleeping Computer.
“We have performed an analysis of the affected system and associated data to determine whether your information was potentially impacted.” said the company. “More specifically, on or about August 15, 2023, AutoZone determined that the exploitation of the vulnerability in the MOVEit application had resulted in the exfiltration of certain data.”
The retailer is covering the cost of identity theft protection services for those affected.
[ad_2]
Source link
