
Avnet Data Breach: Stolen Data Deemed Unreadable

Summary

– Avnet confirmed a data breach where stolen data is unreadable without proprietary tools, following unauthorized access to an externally hosted database in the EMEA region.
– A threat actor claimed to have stolen 1.3TB of compressed data, set up a dark web leak site, and demanded a ransom, with some plaintext samples containing PII that Avnet says is not sensitive under GDPR.
– Avnet detected the breach on September 26, rotated all secrets in its Azure/Databricks environments that night, and observed no further unauthorized activity, without initially disclosing the incident publicly.
– The unreadable data includes historical point-of-sale records, potential sales opportunities, and customer contact details like employee email addresses, with the incident limited to a single EMEA system and no global disruption.
– Avnet informed authorities and will contact impacted customers and suppliers directly, though the number of affected individuals is currently unknown.

Global electronics distributor Avnet has confirmed a data breach involving externally hosted cloud storage, though the company maintains that the majority of stolen information remains unreadable without specialized internal tools. A spokesperson explained that unauthorized individuals gained access to a database supporting an internal sales application used across Europe, the Middle East, and Africa. They emphasized that the proprietary sales platform itself was not compromised and continues to operate securely.

This Fortune 500 firm, which employs approximately 15,000 people and generates annual revenues near $22 billion, detected the intrusion on September 26. In response, the company immediately initiated a comprehensive rotation of all access credentials across its Azure and Databricks cloud environments. The security update was completed within hours, and no subsequent unauthorized activity has been observed.

Meanwhile, a threat actor claiming responsibility told media outlets they extracted 1.3TB of compressed data, equivalent to 7-12TB uncompressed, containing operational details from EMEA and other global regions. The hacker established a dark web leak site to publish data samples, attempting to pressure Avnet into paying a ransom by demonstrating their access to company information.

Some of these published samples did appear in readable format, containing what Avnet confirmed was personally identifiable information. The company clarified that none of this exposed data qualifies as sensitive under GDPR standards, describing the compromised information as historical sales records, potential sales opportunities, and customer contact details including employee email addresses.

Avnet maintains that the security incident was confined to a single external system within the EMEA region and did not disrupt worldwide operations. The company has notified appropriate authorities about the cyberattack and plans to contact affected customers and suppliers directly. The total number of individuals potentially impacted by the breach remains undetermined at this time.

(Source: NewsAPI Cybersecurity & Enterprise)
