Major U.S. automotive aftermarket parts vendor Advance Auto Parts has confirmed that more than 2.31 million individuals had their information compromised as part of a widespread attack against organizations with Snowflake cloud storage environments in May, reports The Record, a news site by cybersecurity firm Recorded Future.
Infiltration of systems enabled attackers to exfiltrate individuals' names, birthdates, Social Security numbers, and other government-issued ID numbers stored between April 14 and May 24, said Advance in filings with Maine, Texas, and Vermont regulators. Such an attack against Snowflake environments that also impacted Ticketmaster, Santander Bank, LendingTree, and Neiman Marcus, emphasizes the growing threat of massive credential theft operations, according to Cisco Talos' Nick Biasini. "These actors operate large scale campaigns, gather, vet, and organize the credentials they harvest ready to sell to the highest bidder. This ecosystem includes providing tooling for searching and extracting specific types of data from the logs and validating the credentials before offering," said Biasini.
