We can now add US car part maker AutoZone to the ever-growing list of Cl0p ransomware victims, as the MOVEit data fiasco spreads even further.
The company has filed a notice with the Maine Attorney General’s Office, detailing the breach, and also started notifying affected individuals, BleepingComputer reported.
As per the announcements, AutoZone suffered a data breach in late May 2023, and confirmed the data theft in mid-August.
Hundreds of thousands AutoZone customers affected
“AutoZone became aware that an unauthorized third party exploited a vulnerability associated with MOVEit and exfiltrated certain data from an AutoZone system that supports the MOVEit application,” it says in the notification. “We have performed an analysis of the affected system and associated data to determine whether your information was potentially impacted. More specifically, on or about August 15, 2023, AutoZone determined that the exploitation of the vulnerability in the MOVEit application had resulted in the exfiltration of certain data.”
While the announcement doesn’t detail which types of data were stolen, the filing with the Office of the Maine Attorney General states “full names” and “social security numbers.” Enough for identity theft or even wire fraud.
In total, more than 180,000 people were affected by the incident. AutoZone offered free identity theft protection services for the victims for the next two years and urged them to remain vigilant, especially when receiving messages via email or social media.
At the same time, the Russian-speaking Cl0p ransomware operator published all of the data stolen in the attack on its data leak site. The archive is approximately 1.1GB and holds employee names, email addresses, parts supply details, tax information, payroll documents, Oracle database files, and more. It seems that customers were spared this time.
AutoZone is a major retailer of spare car parts, running more than 7,000 shops across the US, and employing almost 120,000 people.