Major U.S. automotive aftermarket parts vendor Advance Auto Parts had 3 TB
of data containing sensitive customer and employee details claimed to be
stolen by the threat actor dubbed "Sp1d3r" following the compromise of its
Snowflake cloud storage environment, reports BleepingComputer.

Included in the trove of information being sold for $1.5 million were 380
million customer profiles, 140 million customer orders, 44 million
Loyalty/Gas card numbers, and data from 358,000 former and current Advance
employees, as well as sales history, auto part numbers, employment candidate
details, and transaction tender data, according to Sp1d3r. Other Snowflake
customers were also alleged by the threat actor to have had their data
exfiltrated since the intrusions began in mid-April but have since paid the
demands of their attackers.

Such a development comes after both recent breaches of Ticketmaster and
Santander Bank were linked to compromised Snowflake accounts, with the cloud
storage firm attributing the incidents to the targeting of organizations
without multi-factor authentication.

https://www.scmagazine.com/brief/advance-auto-parts-allegedly-breached-via-
snowflake-account