We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

2.3 Million Users Affected by Advance Auto Parts Breach

2.3 Million Users Affected by Advance Auto Parts Breach
Author Image Husain Parvez
Husain Parvez Published on 16th July 2024 Cybersecurity Researcher

Advance Auto Parts has confirmed that a data breach has affected over 2.3 million individuals, exposing sensitive personal information such as names, Social Security numbers, driver's licenses, and government-issued identification numbers. This breach, which occurred between April 14, 2024, and May 24, 2024, was part of a larger cyberattack campaign targeting clients of the data storage company Snowflake.

The attackers, identified as the group “Sp1d3r,” infiltrated Snowflake accounts using stolen credentials, impacting numerous organizations including Pure Storage, Los Angeles Unified School District, Neiman Marcus, Ticketmaster, and Banco Santander. Advance Auto Parts acknowledged its breach in a Form 8-K filing on June 19, 2024, and has since completed its internal investigation.

In filings with regulators in Maine, Advance Auto Parts detailed that 2,316,591 people were affected by this breach. Despite claims by the hacker group that they possessed a database containing 380 million Advance customer records, the company stated that the compromised data pertains only to employees and job applicants.

"Our investigation determined that an unauthorized third party accessed or copied certain information maintained by Advance Auto Parts from April 14, 2024, to May 24, 2024," the company said in its notice.

Impacted individuals are being offered 12 months of complimentary identity theft protection and credit monitoring services through Experian, and are advised to enroll by October 1, 2024. Speaking to The Record, Cisco Talos expert Nick Biasini highlighted the broader implications of this breach, noting that it underscores the growing threat posed by large-scale credential theft operations.

"These actors operate large scale campaigns, gather, vet, and organize the credentials they harvest ready to sell to the highest bidder," Biasini stated. The breach at Advance Auto Parts is part of a worrying trend of cyberattacks targeting major corporations through compromised cloud storage credentials.

Similar breaches, like the massive breach reported earlier this year by Xfinity, continue to affect millions. These recurring incidents provide a window into the vulnerabilities of cloud-based data storage solutions and the critical importance of protective measures to safeguard sensitive information.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address