These days, one of the things that is becoming more of a trend if threat actors exploiting critical vulnerabilities in software and attacking reputable organisations. The newest company to fall prey to one such attack is reputed and wide spread retailer of spread car parts, AutoZone.
The ransomware in question is the Cl0p ransomware, which has been responsible for the MOVEit data fiasco. From its end, AutoZone has filed a notice with the Maine Attorney General’s office. Additionally, they have started identifying and notifying the users whose data has been breached.
The scary part is that the data breach occurred in May 2023, and they confirmed the same in mid August 2023. What took them so long to come to terms with the attack is anybody’s guess.
The official notification issued by AutoZone says – “AutoZone became aware that an unauthorized third party exploited a vulnerability associated with MOVEit and exfiltrated certain data from an AutoZone system that supports the MOVEit application. We have performed an analysis of the affected system and associated data to determine whether your information was potentially impacted. More specifically, on or about August 15, 2023, AutoZone determined that the exploitation of the vulnerability in the MOVEit application had resulted in the exfiltration of certain data.”
Now, the announcement has not thrown light on the type of data that has been stolen, but the notice filed in the Maine Attorney General’s office states that full names and social security numbers have been breached, and this information is enough to pull off a wire fraud or an identity fraud as well.
So far, it has been confirmed that 180,000 people have been affected in this data breach, and AutoZone is working alongside the authorities to bring this to an and. They have also offered to provide free identity protection to the victims for a period of two years. They have also requested all their users to be vigilant online, especially when responding to text messages.
As far as the Russian Cl0p ransomware is concerned, the group has published all the stolen data on the data leak site.
