On November 21, 2023, AutoZone, Inc. filed a notice of data breach with the Attorney General of Maine after discovering that MOVEit, a file-transfer program used by the company, contained a critical vulnerability allowing hackers to access information in the company’s possession. In this notice, AutoZone explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names and Social Security numbers. Upon completing its investigation, AutoZone began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you receive a data breach notification from AutoZone, Inc., it is essential you understand what is at risk and what you can do about it. As we’ve discussed in earlier posts, while all data breaches present certain risks, those involving your SSN are the most concerning. This is because hackers can easily use your SSN to steal your identity or commit other frauds against you. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the AutoZone / MOVEit data breach.

What Caused the AutoZone MOVEit Data Breach?

The AutoZone MOVEit data breach was only recently announced, and more information is expected in the near future. However, AutoZone’s filing with the Attorney General of Maine provides some important information on what led up to the breach. According to this source, AutoZone uses a third-party secure file transfer application called MOVEit, which is a product of Progress Software.

Recently, AutoZone learned that an unauthorized third party exploited the MOVEit and removed data from an AutoZone system that supports the MOVEit application. After learning about the incident, AutoZone launched an investigation with the help of outside cybersecurity experts. On August 15, 2023, AutoZone confirmed that the unauthorized party was able to access certain files containing confidential consumer information.

After learning that sensitive consumer data was accessible to an unauthorized party, AutoZone reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name and Social Security number.

On November 21, 2023, AutoZone sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About AutoZone, Inc.

Founded in 1979, AutoZone, Inc. is an automobile parts retailer based out of Memphis, Tennessee. AutoZone operates 7,140 locations in the United States, Mexico, Puerto Rico, Brazil and the US Virgin Islands. AutoZone is publicly traded on the New York Stock Exchange under the symbol “AZO.” AutoZone employs more than 112,500 people and generates approximately $17 billion in annual revenue.