Hertz says hackers stole customer credit card and driver’s license data
1 min read
Summary
Car hire company Hertz has told customers that their personal data, including credit card information and Social Security numbers, may have been stolen in a data breach affecting one of its vendors.
The company stated that the information was “acquired by an unauthorised third-party” due to a cyberattack that exploited zero-day vulnerabilities in the Cleo Communications file transfer platform.
While the exact extent of the breach remains unknown, customer notification has taken place in multiple countries.
Hertz confirmed the breach on 10 February, adding that analysis on 2 April revealed that customer names, contact details, dates of birth, credit card details, driver’s licence information, and workers’ compensation claims data may have been exposed.
A small number of individuals also had passport numbers and other government-issued identification data stolen.