Car rental company Hertz has announced that customers' personal data and driver's licenses were stolen in a cyberattack. The stolen data includes customers' names, birth dates, contact information, driver's licenses, payment card details, and in some cases, Social Security numbers and other government-issued IDs. Hertz has stated that the data breach affected customers in the United States, Australia, Canada, New Zealand, the United Kingdom, and the European Union.
The company explained that the breach resulted from vulnerabilities in the software of a supplier named Cleo. Cleo provides data transfer services to multiple companies and was targeted by a major cyberattack last year, linked to a hacker group from Russia.
Hertz confirmed that its own network was not compromised but that its data was accessed by an unauthorized third party. This has led to the exposure of Hertz customers' personal information. Although the company did not disclose the exact number of affected customers, it is believed that the breach impacted a larger group of individuals.
