AutoZone Files MOVEit Data Breach Notice With State of Maine
The company temporarily disabled the application and patched the vulnerability, though affected individuals should still remain vigilant.
Today, Doug Baldwin, CISO at AutoZone, filed a notice of a MOVEit data breach with the state of Maine, which has affected 184,995 individuals, 293 of which are residents in Maine.
The breach occurred on May 28, but was only discovered earlier this month. In the notice letter to affected individuals, Baldwin detailed that a threat actor exploited a MOVEit vulnerability and exfiltrated data from the AutoZone system, including information such as names and Social Security numbers. After launching an investigation with the help of outside parties, the automotive giant has temporarily disabled the MOVEit application and took measures to rebuild the system that was affected by the breach and patch the vulnerabilities.
AutoZone noted that affected individuals should monitor their accounts for any suspicious or fraudulent activity. The company is also offering complimentary credit monitoring and identity protection services through Equifax, and it recommends that individuals remain vigilant for the next 12 to 24 months.
AutoZone has become the latest victim in a long string of attacks involving the MOVEit file transfer application, alongside government vendors,higher education institutions, and even the state of Maine itself, which announced its own breach earlier this month.
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024