Electronics giant Avnet confirms breach, says stolen data unreadable

Electronic components distributor Avnet confirmed in a statement to BleepingComputer that it suffered a data breach, but noted that the stolen data is unreadable without proprietary tools.

A company spokesperson told us that the incident occurred after unauthorized actors accessed a database hosted on an external service, which stored information used in the EMEA (Europe, Middle East, Africa) region.

"Avnet recently identified unauthorized access to externally hosted cloud storage supporting an internal sales tool used in EMEA," stated the spokesperson.

"Most of the data is not easily readable without access to Avnet's proprietary sales tool, which remains secure and was not impacted by this event."

Avnet is an American public company that operates distribution and design/engineering centers in 125 countries. It is a Fortune 500 firm with 15,000 employees and annual revenue of around $22 billion.

A threat actor told BleepingComputer that they breached Avnet and stole 1.3TB of compressed data (between 7 and 12TB of raw data) that includes details about the company's operations in EMEA and other regions.

According to the hacker, Avnet detected the breach on September 26 and started to rotate all secrets throughout its Azure/Databricks environments without publicly disclosing the incident.

Avnet completed the rotation that night and did not observe further signs of unauthorized activity.

The threat actor said their interest is purely financial and set up a leak site on the dark web to pressure the company into paying a ransom by publishing data samples.

Some of the samples BleepingComputer saw are in plaintext form, containing data such as personally identifiable information (PII), which Avnet confirmed, adding that "none of it was sensitive information as defined under GDPR."

As for the unreadable data, a company representative explained that it is mainly historical point-of-sale records, potential sales opportunities, and customer contact details, i.e. employee email addresses.

Avnet told BleepingComputer that the incident was limited to a single system in the EMEA region and that it did not disrupt global operations. The company informed authorities about the cyberattack and said that impacted customers and suppliers will be contacted directly.

At this time, the number of potentially impacted individuals is unknown.

Update [14:21 ET, October 7]: Article updated with clarifications from Avnet about plain text data, revenue figure, the compromise of an external system, and overall impact of the breach.

https://www.bleepingcomputer.com/news/security/electronics-giant-avnet-confirms-breach-says-stolen-data-unreadable/