Electronic components distributor Avnet suffered a data breach after unauthorized actors accessed an externally hosted cloud storage supporting an internal sales tool in the EMEA region. The attackers exfiltrated 1.3TB of compressed data (7–12TB raw), including sensitive operational details and personally identifiable information (PII). While Avnet claimed the stolen data was unreadable without proprietary tools, leaked samples on a dark web ransomware site revealed plaintext PII, contradicting the company’s statement.The breach was detected on September 26, prompting Avnet to rotate credentials in its Azure/Databricks environments, but no public disclosure was made initially. The threat actor, motivated by financial gain, demanded a ransom and published data samples to pressure the company. Avnet confirmed the incident was isolated to a single EMEA system, with no disruption to global operations, but the number of affected individuals remains unknown. Authorities were notified, and impacted customers/suppliers are being contacted directly. The attacker’s ransomware leak site suggests potential escalation if demands are unmet.