Mavis Tire Supply

Mavis Tire Supply Data Breach

Status: Confirmed

23.4M Records

Unknown Data

Oct 7 Verified

Breach Overview

Actor WorldLeaks ransomware group

Vector Unconfirmed (possible network compromise or credential theft)

Date of Breach September 23, 2025

Date of Reporting September 23, 2025

Data Posted October 7, 2025 (verified)

Records Stolen 23,398,182

Data Volume Unknown

Summary

In late September 2025, Mavis Tire Supply LLC aka Mavis Discount Tire (one of the largest independent multi-brand tire and auto service retailers in the U.S.) suffered a ransomware attack conducted by the WorldLeaks group.

The incident disrupted portions of the company's IT systems and was first detected on September 23, 2025, with data later confirmed posted to dark web forums on October 7, 2025.

WorldLeaks claims to have accessed and exfiltrated sensitive personal and operational data. The leaked dataset reportedly includes customer identity information, employee contact records, and home addresses linked to service accounts across multiple states.

Mavis operates over 700 service centers in 13 U.S. states, providing tire, brake, and maintenance services.

As of this report, portions of the stolen data are confirmed to be circulating on leak forums and have been indexed by DataBreach.com.

About Mavis Tire Supply

Mavis Tire Supply LLC is a major U.S. retailer specializing in tires, brakes, and automotive maintenance. Founded in 1972, Mavis has grown into one of the country's largest independent tire chains, with hundreds of service centers across the Northeast and Southern regions.

While many customers may not have interacted directly with corporate systems, personal data could have been stored via:

Online appointment or service scheduling. Booking tire changes, brake service, or maintenance through Mavis's online platform.
Warranty or rebate registration. Submitting personal information for manufacturer rebates or tire warranty programs.
Vendor or employment records. If you worked for or partnered with Mavis, your data may have been in their HR or vendor management systems.

Data Points Exposed

Social Security Numbers

* It appears to ObscureIQ that breached SSNs are related to leaked Mavis employee data and not Mavis customer data.

Email Addresses

Phone Numbers

Names

Home Addresses

Threat Actor: WorldLeaks

A financially motivated group that emerged in 2025, known for targeting U.S. consumer service providers.

Their operations involve mass data theft, extortion, and public leaks when ransom demands are denied

Impact

A class action lawsuit (Bunch v. Mavis Tire Supply, LLC) was filed on October 22, 2025, alleging cybersecurity negligence and contractual failures to safeguard customer data.

The breach increases the risk of:

Identity theft and credit fraud
Targeted phishing using verified personal data
Account takeovers and credential stuffing
Exposure of home addresses for harassment or scams

Dark Web Verification

Status: Confirmed

Independent verification by breach monitoring platforms has confirmed that datasets labeled "mavis-hq.com" and "Mavis Tire & Brake" have been publicly exposed.

Recommendations for Impacted Clients

If you've been notified, or even suspect exposure, take these actions now:

Check Your Exposure

If you're an ObscureIQ client, this breach has been indexed into your digital footprint profile. Non-clients can request a free footprint audit to verify exposure.

Freeze Your Credit

Contact Equifax, Experian, and TransUnion to prevent fraudulent account openings.

Monitor Financial and Email Accounts

Watch for unauthorized logins, password reset emails, or unusual activity.

Enable Multi-Factor Authentication (MFA)

Secure critical accounts, particularly email and banking.

Be Alert for Phishing

Attackers often impersonate service vendors like Mavis to deliver follow-up scams.

Suppress Personal Data

If your address or contact details are public, ObscureIQ can assist in removing them from data brokers.

Credit

What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)

July 14, 2025

Every time there’s a major data breach, companies scramble to offer “free” credit monitoring. It sounds like a responsible move.…

breach economycredit freezecredit scoreequifaxexperianlifelocktransunionupsell

Credible Threats

Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.

September 2, 2025

Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars. Over 80% of security incidents now start in the browser. Chrome.…

brave browserbreachesbrowser exploitbrowserschromedata securityemployeesexposurefirefoxfootprint

Analysis

Sextortion Spam

May 10, 2025

Sextortion scams aren’t new, but they remain one of the most effective forms of cyber-enabled fraud. These scams don’t rely…

bitcoindeadlinefeargoogle maps apiransomsocial engineering

Contact ObscureIQ

If you believe your information may be part of the Mavis Tire Supply breach, contact us for a free breach impact check.

We use multi-layered intelligence sources (including restricted dark web datasets) to confirm exposure and assess active risk.