Hertz Data Breach: Thousands of Customers Affected
Hertz, a global car rental giant, has confirmed a data breach affecting thousands of customers. Personal information and driver's licenses were stolen due to a cyberattack on its vendor, Cleo, between October and December 2024. Stolen data includes names, birthdates, contact information, driver's licenses, payment card details, and workers' compensation claims. Some customers also had their Social Security numbers and other government-issued IDs compromised. Hertz notified affected customers in Australia, Canada, the EU, New Zealand, and the UK, and also reported the breach to several US states. While Hertz denies its own network was compromised, it confirms data was stolen by a third party exploiting zero-day vulnerabilities in Cleo's platform. This highlights the importance of data security and underscores the significant risk of supply chain vulnerabilities.