{
	"id": "b348e990-8548-41c8-ba3e-6ffb7e54e04c",
	"created_at": "2026-04-06T00:06:26.816153Z",
	"updated_at": "2026-04-10T13:13:10.167925Z",
	"deleted_at": null,
	"sha1_hash": "a0bf5321d37182b9f85b55408d73c2a1f56ccd55",
	"title": "Auto parts giant AutoZone warns of MOVEit data breach",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2554082,
	"plain_text": "Auto parts giant AutoZone warns of MOVEit data breach\r\nBy Bill Toulas\r\nPublished: 2023-11-21 · Archived: 2026-04-05 18:00:08 UTC\r\nAutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file\r\ntransfer attacks.\r\nAutoZone is the leading retailer and distributor of automotive spare parts and accessories in the U.S., operating 7,140 shops\r\nin the country and also in Brazil, Mexico, and Puerto Rico.\r\nThe company has an annual revenue of nearly $17.5 billion, employs 119,000 people, and its online shop is visited by 35\r\nmillion users per month, according to similarweb.com stats.\r\nhttps://www.bleepingcomputer.com/news/security/auto-parts-giant-autozone-warns-of-moveit-data-breach/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/auto-parts-giant-autozone-warns-of-moveit-data-breach/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nEarlier this year, the Clop ransomware gang exploited a zero-day MoveIT vulnerability to breach thousands of organizations\r\nworldwide, following up with double extortion and data leaks impacting millions of people.\r\nAutoZone informed the U.S. authorities today that it suffered a data breach as part of these attacks on May 28, 2023,\r\nresulting in the compromise of data of 184,995 people.\r\n\"AutoZone became aware that an unauthorized third party exploited a vulnerability associated with MOVEit and exfiltrated\r\ncertain data from an AutoZone system that supports the MOVEit application,\" reads the notification.\r\n\"We have performed an analysis of the affected system and associated data to determine whether your information was\r\npotentially impacted.\"\r\n\"More specifically, on or about August 15, 2023, AutoZone determined that the exploitation of the vulnerability in the\r\nMOVEit application had resulted in the exfiltration of certain data.\"\r\nIt took the company three more months to determine what data the intruders had stolen from its systems and who had been\r\nimpacted and needed to be notified.\r\nThe letter sample AutoZone shared with the authorities censored details on what type of data was compromised. Still,\r\nthe listing on the Office of the Maine Attorney General mentions \"full names\" and \"social security numbers.\"\r\nThe firm has covered the cost of identity theft protection service for the letter recipients and advises them to remain vigilant\r\nfor the next 24 months, reporting any suspicious incidents to the authorities.\r\nThe Clop ransomware gang took responsibility for an attack on AutoZone earlier this year and published all data they\r\nclaimed to have stolen from the firm on July 7, 2023.\r\nThe data leaked by the cybercriminals is roughly 1.1GB in size, containing employee names, email addresses, parts supply\r\ndetails, tax information, payroll documents, Oracle database files, data about stores, production and sales information, and\r\nmore. No customer data appears in the leaked files.\r\nThe Clop ransomware gang is expected to receive over $75 million in extortion payments from companies impacted by the\r\nMOVEit data theft attacks. In July, Emsisoft reported that over 77 million people had their data exposed. \r\nBleepingComputer has contacted AutoZone to request more information about the incident and whether the leaked dataset is\r\ngenuine, and we will update this post as soon as we receive a response.\r\nhttps://www.bleepingcomputer.com/news/security/auto-parts-giant-autozone-warns-of-moveit-data-breach/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/auto-parts-giant-autozone-warns-of-moveit-data-breach/\r\nhttps://www.bleepingcomputer.com/news/security/auto-parts-giant-autozone-warns-of-moveit-data-breach/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/auto-parts-giant-autozone-warns-of-moveit-data-breach/"
	],
	"report_names": [
		"auto-parts-giant-autozone-warns-of-moveit-data-breach"
	],
	"threat_actors": [],
	"ts_created_at": 1775433986,
	"ts_updated_at": 1775826790,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/a0bf5321d37182b9f85b55408d73c2a1f56ccd55.pdf",
		"text": "https://archive.orkl.eu/a0bf5321d37182b9f85b55408d73c2a1f56ccd55.txt",
		"img": "https://archive.orkl.eu/a0bf5321d37182b9f85b55408d73c2a1f56ccd55.jpg"
	}
}