Auto parts giant LKQ says cyberattack disrupted Canadian business unit
Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company.
LKQ is a public American company specializing in automotive replacement parts, components, and services to repair and maintain vehicles. The company has 45,000 employees in 25 countries and operates numerous brands, including Keystone, Tri Star, and ADL.
In a Friday evening FORM 8-K filing filed with the SEC, the company says one of its business units in Canada was breached on November 13, disrupting business operations.
"On November 13, 2024, LKQ Corporation (the "Company" or "we") detected unauthorized access to information technology (IT) systems of a single business unit in Canada ("Business Unit"). The attack disrupted the Business Unit's operations," reads the LKQ Form 8-K filing.
"Upon discovery, we immediately began taking steps to investigate, contain, and recover from the incident, including activating our security incident response and recovery plans, partnering with industry leading forensic investigators, and initiating containment measures for affected systems. We also promptly notified law enforcement authorities. We are analyzing data impacted by the incident and will be notifying affected parties as appropriate."
"As a result of the incident, the Company's operations within this Business Unit were adversely impacted for a few weeks while affected systems were recovered; however, the Company believes that it has effectively contained the threat and that none of its other businesses were impacted by the threat, and the Business Unit is now operating near full capacity."
The company says that they do not believe the incident will have any material impact on its financials or operations for the remainder of the fiscal year. LKQ says that they will seek reimbursement for costs and expenses stemming from the cyberattack from their cyber insurance company.
LKQ warns that its containment measures have caused some disruption within the breached business for a few weeks but has since restored operations.
No ransomware gangs or other threat actors have claimed responsibility for the attack.
Citrix shares mitigations for ongoing Netscaler password spray attacks
Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2024-40890 Zyxel DSL CPE OS Command Injection Vulnerability
CVE-2025-24983 Microsoft Windows Win32k Use-After-Free Vulnerability
CVE-2017-0148 Microsoft SMBv1 Server Remote Code Execution Vulnerability
CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability
InformationalInformation Disclosure - Suspicious Comments
InformationalRe-examine Cache-control Directives
Free online web security scanner
