Skip to main content

Advance Auto Parts Data Breach Investigation

The Lyon Firm is investigating data theft claims on behalf of individuals nationwide who have been impacted by the recent Advance Auto Parts data security incident. Contact our data breach lawyers if you or a loved one have received a notification letter in the mail. Our legal team offers free consultations and case reviews to plaintiffs in all fifty states. 

What Happened at Advance Auto Parts?

Advance Auto Parts is one of the biggest names in automotive aftermarket parts, but it is certainly not immune from cyberattacks. As so many others have fallen victim to ransomware attacks and data theft incidents in the last few years, the company appears to have found itself in a difficult IT security situation.

This particular data breach allegedly originated from a compromised Snowflake account, which then led to the theft of three terabytes of sensitive personal data. Advance Auto Parts, the familiar face of auto parts and accessories, including batteries, brake pads, spark plugs, rotors and drums, engine oil, oil filters, wipers, auto tools, and speaker systems employs over 68,000 individuals. Employees may have had their information leaked, and it has been reported that as many as 380 million customer profiles may have been at risk.

UPDATE: According to a recent data breach notification sent out from the company, the attack on Advance Auto Snowflake account exposed the data of 2.3 million individuals. The published data breach letter says,  “On May 23rd, 2024, we learned that, like many other companies, an unauthorized third party gained access to certain information maintained by Advance Auto Parts within Snowflake, our cloud storage and data warehousing vendor.” 

The company says attackers obtained “Social Security number, driver’s license or other government-issued identification number, and date of birth.”

What was leaked in the Advance Auto Parts Data Breach?

According to sources, the threat actors responsible claim to be selling 3TB of data belonging to both customers and employees, potentially including Social Security numbers and driver’s license numbers.

The bad actor (using the Sp1d3r handle) revealed that the data stolen from Advance’s Snowflake cloud storage environment includes the following:

  • 380 million customer profiles (name, email, mobile, phone, address, and more)
  • 140 million customer orders
  • 44 million Loyalty / Gas card numbers (with customer details)
  • Auto parts/part numbers
  • Sales history
  • Employment candidate info with SSNs, driver’s license numbers, and demographic details
  • Transaction tender details

The threat actor is selling Advance’s data for $1.5 million on a hacking forum, and told reporters that the data had been stolen in recent attacks targeting Snowflake customers since April 2024.

Understanding the Snowflake Cyberattack

According to Snowflake’s Chief Information Security Officer, the attack involved a compromised employee demo account. The attackers might have used stolen credentials to access and exfiltrate data from existing Snowflake accounts.

Snowflake’s cloud, utilized by over 9,000 customers (including huge names like Ticketmaster, Adobe, AT&T, Kraft Heinz, Mastercard, Micron, Capital One, Doordash, HP, Nielsen, Novartis, LendingTree, PepsiCo, Siemens, Instacart, JetBlue, NBC Universal, US Foods, Western Union, and Yamaha), has allegedly been at risk for months.

It goes without saying that Advance Auto is not the only Snowflake customer whose data was exfiltrated from the network. Some Snowflake customers, in fact, have allegedly already paid to get their data back but this has not yet been confirmed.

The cybersecurity industry players, including large firms like Mandiant and CrowdStrike, are involved in addressing this breach. This particular incident, much like the MOVEit breach last year, serves as a reminder that companies need to keep a watchful eye not only on their own IT systems but on any contracted third party handling customer data. We believe companies have a duty to properly manage and secure their cloud environments against cyber threats.

Call our data breach lawyers now if you believe your personal data has been leaked in the alleged Advance Auto Parts breach. We are currently involved in numerous class action data privacy lawsuits, and we have the experience and resources to file successful claims to recover compensation.