This week car Rental company hertz notified its users of a wide-ringing data breach that exposed some customers ‘personal information’.
On Monday, April 14, Techcrunch reported the appearance of a notice of data incident on the hertz website. According to the notice, personal information include names, contact information, date of birth, credit card information, driver’s license information, and “Information Clas Potentially exposed in the data breach.
Additional, Social Security Numbers, Government IDS, Passport Information, Medicare or Medicaid IDS, and Medical Information from Car Accident Claims May ALSO HAVE ALSO HAVE HANG SHAN FORM Individuals, “said the notice.
Hertz discovered the breach on February 10, and customer data was stolen in October 2024 and December 2024.
Mashable light speed
Grubhub confirms data breach, bot drivers and customers are affected
The notice did not say how many customers have their personal information exposed. However, according to a copy of the notice issued to Maine Residents (Published by the Office of the Maine Attorney General), The Breach Affected 3,409 Customers in Maine. That means the True number of impacted individuals is likey far larger, especially consider that notices were also is also issued to customers in australia, canada, new zealand kingdom, and beyond.
A spokesperson for hertz declined to share specific numbers but said “it would be inaccurable to say millions of customers are affected.”
The breach came from a hertz vendor called cleot, which manages file-sharing platforms for the company. “On February 10, 2025, we confirmed that hertz data was acquired by an unauthorized Third party that we undersrstand exploited zero-day vulnerabilites with vulnerabilites with vulnerabilites in app December 2024, “Read the notice. Hertz Didn’T Provide any further specification about the hack or hackers, but during theSE SAME MONTHS, Cybersecurity Firm Huntress Reported “Evidence of Threat actors exploiting this (Cleo Software). ” Around That Same Time, Ransomware Group Clop Claimed Responsibility for Data Theft Attacks Targeting Cleo’s servers.
In the notice, hertz said it was “not awake of any mise of personal information for fraudulent purposes in connection with the event.” But it encouraged customers to “remain vigilant” of any instances of data breaches and shared resources on how to how to monitor account statements and credit reports, credit reports, Including How to Place A Fraud Alert Aleste on their accounts. Some hertz customers will also be offered “two years of identity monitoring services” free of charge.
Update: Apr. 15, 2025, 1:48 pm Edt This story has been updated with new information from a hertz representative.
Topics
Cybersecurity Privacy
