Hertz Corporation has confirmed a security breach that has compromised personal data of customers of its Hertz brands, Thrifty and Dollar. The incident originated from zero-day vulnerabilities in the file transfer platform of its provider Cleo Communications, exploited by attackers in October and December 2024. The company detected the unauthorized access on 10 February 2025 and, since, has been investigating the extent of the event and notifying affected people.

The compromised data varies by individual, but they can include names, Contact Information, Dates of birth, Driver's license numbers, credit card details and data related to workers' compensation claims. In a small number of cases, Social Security numbers have also been affected, Passports and other government identifiers.

Hertz has assured that its own internal network was not compromised and that, to date, There is no evidence of fraudulent use of the stolen information. Nevertheless, The company has alerted relevant authorities and regulators and offered free identity monitoring services for two years to potentially affected customers, as a preventive measure.

This incident adds to a series of recent cyberattacks related to vulnerabilities in file transfer platforms, as in the case of WK Kellogg, who was also the victim of a similar attack. These events underscore the growing threat that cyberattacks pose to businesses and the importance of strengthening security measures on third-party systems.

Fountain: Bleeping Computer

Image: Enjosmith on Flickr


Leave a Reply

Your email address will not be published. Required fields are marked *

More news
A
Read more »
A researcher manages to hack some concert tickets using AI
Read more »
Una nueva campaña de phishing suplanta a ChatGPT
Read more »
Nintendo suffers a data breach through a supplier
Read more »
Trying to make fun of a scammer is not a very good idea
Read more »