Hertz Hack: Customer Data Stolen
Hertz Data Breach Exposes Customer Information, Including Driver’s Licenses adn Credit Card details
Table of Contents
- Hertz Data Breach Exposes Customer Information, Including Driver’s Licenses adn Credit Card details
- Hertz Data Breach: Your Questions Answered
- What Happened in the Hertz Data Breach?
- What Information Was Compromised?
- Who Was Responsible for the Breach?
- How Did the Hackers Gain Access to Hertz’s Data?
- When Did Hertz Announce this Data Breach?
- What Actions Has Hertz Taken in Response to the Breach?
- What Risks Do I Face consequently of the Hertz Data Breach?
- What Should I Do If I Am a Hertz Customer?
- What is the Role of IT Subcontracting in this Breach?
- How Can I Protect Myself from Future Data Breaches?
- Hertz Data Breach Timeline
Hertz Corporation, the car rental giant, is notifying customers of a significant data breach that compromised sensitive personal information.The breach, stemming from a cyberattack on its vendor, Cleo Communications, occurred between October and December 2024.
Compromised Data Includes Sensitive Information
According to a statement released by Hertz, an unauthorized third party gained access to internal data by exploiting zero-day vulnerabilities in Cleo’s file transfer platform. The company initially confirmed the incident on Feb. 10, 2025, and later revealed on April 2, 2025, the extent of the exposed data. This includes:
- Names
- Contact details
- Dates of birth
- Driver’s license information
- Credit card information
In some instances, passport information was also compromised.
Hertz Responds to the Breach
Hertz stated it has reported the data breach to law enforcement.Cleo Communications has sence patched the identified vulnerabilities. While the exact number of affected customers remains undisclosed, Hertz maintains it has no “knowledge of abusive use of personal information for fraudulent purposes related to the event.”
Cleo Communications: A Recurring Target
The identity of the hackers remains unknown. However, Cleo Communications was previously targeted in a large-scale hacking campaign in October 2023. The Russian ransomware group CLOP claimed duty for those attacks, disclosing data from 59 organizations compromised through cleo’s vulnerabilities.
The Risks of IT Subcontracting
This incident underscores the potential risks associated with IT subcontracting for large corporations. Hertz is advising customers to closely monitor their accounts and report any suspicious activity.
Hertz Data Breach: Your Questions Answered
Recently, Hertz, a major car rental company, announced a data breach. This article provides a comprehensive Q&A to help you understand the situation, what facts was compromised, and what steps you should take.
What Happened in the Hertz Data Breach?
Hertz has notified customers of a significant data breach impacting thier personal information. The breach occurred between October and December 2024 and stemmed from a cyberattack on Cleo Communications, a vendor used by Hertz.
What Information Was Compromised?
According to Hertz, the following sensitive personal information was exposed:
- Names
- Contact details
- Dates of birth
- Driver’s license information
- Credit card information
- In some instances, passport information
Who Was Responsible for the Breach?
The identity of the hackers is currently unknown. Though, it’s significant to note that Cleo Communications was previously targeted in a large-scale hacking campaign in October 2023, with the Russian ransomware group CLOP claiming duty.
How Did the Hackers Gain Access to Hertz’s Data?
The breach occurred due to a cyberattack on Cleo Communications, using zero-day vulnerabilities in its file transfer platform. The hackers exploited these vulnerabilities to gain unauthorized access to internal data.
When Did Hertz Announce this Data Breach?
Hertz first confirmed the incident on February 10, 2025. The extent of the exposed data was later revealed on April 2, 2025.
What Actions Has Hertz Taken in Response to the Breach?
Hertz has reported the data breach to law enforcement. Cleo Communications has also taken action by patching the identified vulnerabilities following the attack.
What Risks Do I Face consequently of the Hertz Data Breach?
The compromise of your personal information, including driver’s license and credit card details, increases your risk of:
- Identity theft
- Financial fraud
- Phishing scams
What Should I Do If I Am a Hertz Customer?
Hertz advises customers to be proactive in monitoring their accounts and financial information. Here are specific actions you can take:
- Monitor Your Accounts: Carefully review your credit card statements,bank accounts,and credit reports for any unauthorized activity.
- Report Suspicious Activity: Immediately report any suspicious or fraudulent charges to your financial institutions.
- Consider a Credit Freeze: A credit freeze restricts access to your credit information, preventing criminals from opening new accounts in your name.
- Watch for Phishing Attempts: Be wary of unsolicited emails, texts, or phone calls asking for your personal information.
What is the Role of IT Subcontracting in this Breach?
This incident highlights the risks associated with IT subcontracting, where large corporations rely on third-party vendors for services. If these vendors have security vulnerabilities, it can expose the data of their clients’ customers.In this case, Cleo Communications was the weakest link that hackers exploited to access Hertz’s data.
How Can I Protect Myself from Future Data Breaches?
Protecting yourself requires a layered approach to cybersecurity. here are a few basic precautions you can take:
- Use Strong Passwords: Create unique, complex passwords for each of your online accounts.
- Enable Two-Factor Authentication (2FA): Whenever possible, enable 2FA to add an extra layer of security to your accounts.
- Be Careful with phishing Emails: Never click on links or download attachments from unknown or suspicious senders.
- Be Cautious with Public Wi-Fi: Avoid conducting sensitive transactions on public Wi-fi networks.
- Update Software Regularly: Keep your operating systems, web browsers, and other software up to date to patch any newly discovered vulnerabilities.
Hertz Data Breach Timeline
Here’s a rapid summary of the key events:
| Date | Event |
|---|---|
| October – December 2024 | Data breach occurred through Cleo Communications. |
| October 2023 | Cleo Communications was targeted in a large-scale hacking campaign. |
| February 10, 2025 | Hertz confirmed the data breach. |
| April 2, 2025 | The extent of the compromised data was revealed. |
Disclaimer: This information is based on the provided article and should not be considered legal or financial advice. if you have been affected by the Hertz data breach, you may want to consult with a security expert.