50,000 AutoZone customers’ data hacked, exposed (update1)
AutoZone, a leading American retailer of auto parts, has reportedly been hacked by @JM511.
This afternoon, JM511 announced the hack of the AutoZonePro.com site on Twitter. The linked paste included 49,967 customers’ details: billing addresses (street and city), email addresses, hashed passwords, telephone numbers, customers’ cities, and dates of birth.
Although the passwords were hashed, JM511 provided the password hash in the paste.
While no financial data was dumped, JM511 informs DataBreaches.net that he acquired other data concerning AutoZone customer orders that he did not dump. AutoZone may recognize the following fields:
ipaddy cc_ccv cc_type currency cc_start cc_issue cc_owner cc_number po_number cc_expires billing_name account_name payment_info billing_city orders_status delivery_name delivery_city last_modified cc_bank_phone
If you ordered from AutoZone, change your password for that site and for any other site where you may have used it. And although JM511 is not dumping any payment card data, it’s always a good idea to remain vigilant and check your statements. After all, if he could get the data, so could someone else.
Update1: Post-publication, JM511 informed DataBreaches.net that he had actually obtained customer information on 162,000+ customers, but decided to dump data on only 50,000.
Anonymous - August 24, 2015
Canadians and Quebec-Canadians (we must distinguish due to jurisdictions 😉 )
in that data dump.
I wonder if AutoZone notified the Privacy Commissioner of Canada of their data breach?