Massive Snowflake Cyberattack Exposes Data of Advance Auto Parts Customers

Written by Gabby Lee

June 6, 2024

Massive Snowflake Cyberattack Exposes Data of Advance Auto Parts Customers

Threat Actors Sold 380 Million Customer Records Online After Breaching Cloud Storage Provider in the Snowflake Cyberattack.

Threat actors have claimed to steal and are now selling personal and financial details of over 380 million Advance Auto Parts customers online after breaching the automotive retailer’s cloud storage provider Snowflake.

According to the threat actor going by the name ‘Sp1d3r’, they were able to steal around 3 terabytes of internal files and databases containing highly sensitive customer records from Advance Auto Parts’ Snowflake account in recent months.

Advance Auto Parts Snowflake Data Breach

Details of Leaked Information in Snowflake Cyberattack 

Following information from Advance Auto Parts was leaked in the Snowflake cyberattack

  • 380 million customer profiles containing names, email addresses, phone numbers, home addresses and order details
  • 140 million customer orders
  • 44 million loyalty program and gas card numbers along with associated personal details
  • Sales histories and transaction records
  • Product information and auto parts/part numbers
  • Employment records and applications containing sensitive PII like social security numbers and driver’s license images of candidates

Transaction payment details as quoted by the threat actor, “We have stolen massive amounts of internal and confidential data from Advance Auto Parts’ Snowflake account. We are now selling this stolen data online which includes records of over 380 million customers along with their personal and financial details.”

However, the company is yet to publicly acknowledge this cyberattack. When contacted, an Advance Auto Parts spokesperson did not provide any comment on the reported data breach.

Stolen Data Confirmed to be from Snowflake Data Breach

BleepingComputer first confirmed that a portion of the customer records being sold by the hackers online do indeed belong to Advance Auto Parts after cross-referencing details from randomly sampled data sets.

The stolen files clearly had references to ‘Snowflake’ scattered throughout, corroborating the threat actor’s claim that the data originated from the cloud data warehouse provider.

Snowflake is a popular cloud data platform used by over 9,400 companies worldwide for securely storing and analyzing their databases in cloud services like Amazon Web Services, Microsoft Azure and Google Cloud.

However, in recent months, Snowflake accounts of multiple customers have been targeted by hackers after leveraging credentials of employees likely stolen through phishing attacks or malware infections on corporate machines.

The same group is believed to be behind other reported data breaches at companies like Ticketmaster and Santander as well.

Snowflake Denies Any Vulnerabilities in Their Systems

While Snowflake claims that no vulnerabilities were found within their own platform, they did acknowledge that in some cases attackers were able to leverage compromised employee credentials to first access the cloud tenants before stealing sensitive data.

Moving forward, Snowflake is working with law enforcement and federal agencies on further hardening security and notifying customers about the ongoing risks.

The Snopwflake data breach exposed highly sensitive personal and financial details of over 380 million individuals who have shopped with Advance Auto Parts. With such a large scale theft, affected customers are now at an elevated risk of identity theft and phishing attacks.

Both the companies and Snowflake will need to promptly investigate the root causes and notify all impacted parties. More details are likely to emerge in the coming weeks on the full scale of this worrying Snowflake cyberattack.

Related Articles

How AI is Revolutionizing Phishing Attacks

How AI is Revolutionizing Phishing Attacks

 -  New: New Phishing attacks have long been a major concern for enterprise organizations wordwide. As technology continues to advance, cybercriminals are finding new and innovative ways to exploit vulnerabilities and deceive unsuspecting individuals. In recent years,...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter


Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!