AutoZone Files MOVEit Data Breach Notice With State of Maine
The company temporarily disabled the application and patched the vulnerability, though affected individuals should still remain vigilant.
Today, Doug Baldwin, CISO at AutoZone, filed a notice of a MOVEit data breach with the state of Maine, which has affected 184,995 individuals, 293 of which are residents in Maine.
The breach occurred on May 28, but was only discovered earlier this month. In the notice letter to affected individuals, Baldwin detailed that a threat actor exploited a MOVEit vulnerability and exfiltrated data from the AutoZone system, including information such as names and Social Security numbers. After launching an investigation with the help of outside parties, the automotive giant has temporarily disabled the MOVEit application and took measures to rebuild the system that was affected by the breach and patch the vulnerabilities.
AutoZone noted that affected individuals should monitor their accounts for any suspicious or fraudulent activity. The company is also offering complimentary credit monitoring and identity protection services through Equifax, and it recommends that individuals remain vigilant for the next 12 to 24 months.
AutoZone has become the latest victim in a long string of attacks involving the MOVEit file transfer application, alongside government vendors,higher education institutions, and even the state of Maine itself, which announced its own breach earlier this month.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024