Avnet Confirms Data Breach Involving Internal Sales Tool Information

‘Avnet recently identified unauthorized access to externally hosted cloud storage supporting an internal sales tool used in EMEA,’ according to a statement from the electronic components distributor.

Avnet confirmed to CRN that it was hit by a data breach but said the stolen data was unreadable.

The breach of the data, which is being held for ransom, occurred when unauthorized people attacked externally hosted cloud storage supporting an internal sales tool for the electronic components distributor’s Europe, Middle East, and Africa (EMEA) territory, according to the company and BleepingComputer, which first reported the news.

Avnet, in a statement emailed to CRN in response to a request for further information, confirmed the breach, but said the company was unable to discuss it further at this time.

[Related: Top Distribution Execs Are Grappling With Financial Impact Of Tariffs]

In the statement, which was not attributed to a specific spokesperson, Avnet said data was accessed by unauthorized entities but was unlikely to be readable without the company’s proprietary tool.

“Avnet recently identified unauthorized access to externally hosted cloud storage supporting an internal sales tool used in EMEA,” according to the statement. “This data primarily consists of historical point-of-sale records, potential sales opportunities, and customer contact details such as employee email addresses. We believe it is difficult to make meaningful sense of the data without viewing it through the interface of our proprietary tool, which remains secure and was not impacted by this event.

“The incident was limited to a single system in the EMEA region, there were no resulting operational disruptions globally,” said the statement.

“We took immediate action to successfully contain the issue, notified the appropriate authorities, and are directly informing impacted customers and suppliers about the incident,” the statement read.

An Avnet spokesperson also said that while the threat actor is threatening to release its copy of the data to the public, Avnet still has access to the data and has never lost access to it.

Avnet also wanted to make it clear that its initial assessment on the readability of the data is that “it would be difficult for the threat actor to make meaningful sense of the data without viewing it through the interface of our proprietary tool. This data primarily consists of historical point-of-sale records, potential sales opportunities, and customer contact details such as employee email addresses. We continue to evaluate the impact of the incident.”

In addition, Avnet said that although some personally identifiable information was accessed by the threat actor, none if it was sensitive information as defined under GDPR.

BleepingComputer said it had received notification from a threat actor that said it stole 1.3 TBs of compressed data, or 7 terabytes to 12 terabytes of raw data, with information on Avnet’s EMEA and other area operations. The threat actor said its “interest is purely financial and set up a leak site on the dark web to pressure the company into paying a ransom by publishing data samples” of the data.

Those samples were in plain text, and included sensitive information, which BleepingComputer said goes against Avnet’s claims that proprietary tools are needed to read the data.

Phoenix-based Avnet is a Fortune 500 company focused on distributing electronics components and IT equipment. It is a broadline distributor, which also has specializations in product idea and design. According to the company, it serves over 1 million customers in 140 countries around the world.

Avnet in August reported fiscal year 2025 revenue of $22.2 billion, down about 6.7 percent from the $23.8 billion it reported for fiscal year 2025. The distributor also reported GAAP earnings of $2.75 per share, down from last year’s $5.43 per share, and non-GAAP earnings of $3.44 per share, down from last year’s $5.34 per share.