日本語
한국어
Tiếng Việt
简体中文
Car rental giant Hertz is notifying customers about a significant data breach that compromised the personal information of approximately 100,000 individuals. The breach stemmed from a vulnerability exploited within a vendor’s system, Cleo Communications US.
According to Hertz, the unauthorized access occurred due to a zero-day vulnerability exploit in Cleo’s file transfer platform in late 2024. This allowed malicious actors to acquire sensitive customer data.
What Information Was Exposed?
The compromised data includes:
- Names
- Contact details
- Credit card information
- Driver’s license numbers
In a limited number of cases, Social Security numbers, passport details, Medicare/Medicaid IDs, and vehicular accident claim information were also exposed.
Hertz’s Response
Hertz confirmed the breach on February 10th, 2025, and immediately began analyzing the impacted data and identifying affected individuals. The company emphasizes that Cleo Communications US has taken steps to address the security vulnerability.
Hertz is providing affected customers with free identity monitoring services and recommends vigilance against potential fraud. Customers are urged to review account statements and credit reports for any unauthorized activity.
“While Hertz is not aware of any misuse of personal information for fraudulent purposes in connection with the event, we encourage potentially impacted individuals, as a best practice, to remain vigilant to the possibility of fraud or errors by reviewing account statements and monitoring free credit reports for any unauthorized activity and reporting any such activity.”
Staying Protected
This data breach serves as a reminder of the importance of cybersecurity and data protection. Individuals are encouraged to take proactive steps to safeguard their personal information, including regularly monitoring credit reports and being cautious of phishing attempts.