Approximately 185,000 AutoZone customers are receiving far more than they bargained for. The auto parts retailer recently informed authorities that it was the victim of a ransomware attack earlier this year in which hackers gained access to the personal information of thousands of customers.
The company notified the Maine Attorney General’s office of the breach, stating that the hackers had obtained the full names and Social Security numbers of its customers. AutoZone stated that the hack occurred in May and that the attack was carried out using a vulnerability in MOVEit, a file transfer software used by thousands of businesses.
Researchers discovered that the software caused a data breach involving 62 million people, making it one of the largest in recent memory. While leaking credit card numbers and other personal information is bad enough, having Social Security numbers floating around on a hacker’s hard drive opens the door to identity theft.
Determining the scope of the hack takes time, and companies must then conduct forensic documentation to locate and patch any vulnerabilities. It’s unfortunate, however, that it takes so long because it gives hackers a huge head start in selling and using customers’ data.
In addition to the AutoZone breach, the MOVEit hack exposed the personal information of nearly the entire population of Maine. According to the state, bad actors gained access to data on 1.3 million people, or the vast majority of the population.
