Auto Parts Retailer LKQ Data Breach Exposes SSNs of 9K+
TL;DR
LKQ Corporation, a major auto parts distributor, suffered a ransomware attack by the CL0P group, exposing Social Security numbers and other PII of over 9,000 sole proprietor suppliers. The breach exploited a vulnerability in Oracle's E-Business Suite and was disclosed on the dark web in October.
Source: ClaimDepot
LKQ Corporation, a leading global distributor of automotive parts, experienced a significant data breach impacting at least 9,070 individuals across the U.S. The incident exposed personally identifiable information (PII) such as Employer Identification Numbers and Social Security numbers belonging to sole proprietor suppliers of LKQ. The breach was discovered Oct. 3, when LKQ became aware of a third party exploiting a previously unknown vulnerability in Oracle’s E-Business Suite application. The incident was a ransomware attack carried out by the CL0P group, a well-known cybercriminal organization. The group claimed responsibility for the breach on the dark web Oct. 22, stating they had obtained sensitive data from LKQ’s systems and posting details on the Tor network. Full Story