The Hertz Corporation has confirmed that sensitive personal information belonging to customers of its Hertz, Dollar, and Thrifty brands was compromised after hackers targeted a vendor’s file transfer platform.
The breach has sparked concerns about identity theft and privacy, prompting Hertz to offer free identity monitoring services for affected individuals.
According to an official notice issued by Hertz, the breach stemmed from an attack on Cleo Communications US, LLC (“Cleo”), a third-party vendor that manages a file transfer platform for the car rental giant.
.png
)
The platform was exploited through zero-day vulnerabilities in October and December 2024, allowing unauthorized parties to acquire Hertz data.
Hertz stated it became aware of the breach on February 10, 2025, and completed a comprehensive analysis by April 2, 2025, to determine the scope of affected data and individuals.
Scope of the Breach
The potentially exposed information includes:
- Names
- Contact details
- Dates of birth
- Credit card information
- Drivers’ license data
- Information related to workers’ compensation claims
For a small subset of individuals, additional sensitive information—such as Social Security numbers, passport information, Medicare or Medicaid IDs, and injury data related to vehicle accident claims—may also have been exposed.
Hertz emphasized that, to date, there is no evidence of fraudulent use of the compromised data.
Still, the corporation is urging those affected to remain vigilant, monitor their financial accounts, and check their credit reports for unusual activity.
Company Response and Customer Support
Hertz has confirmed that Cleo has taken steps to investigate and secure the vulnerabilities that led to the incident.
The incident has been reported to law enforcement and relevant regulators, demonstrating Hertz’s commitment to transparency and regulatory compliance.
To assist potentially impacted individuals, Hertz has contracted Kroll, a prominent risk consultancy, to provide two years of complimentary identity or dark web monitoring services.
U.S. residents who may have been affected are encouraged to sign up for these services at Kroll’s registration page.
Advice for Customers
While no misuse of information has been reported, experts recommend that customers:
- Regularly review bank and credit card statements
- Obtain free annual credit reports from major credit bureaus
- Consider placing a fraud alert or credit freeze on their credit files
Customers with questions can contact Hertz’s dedicated helpline at (866) 408-8964, Monday through Friday from 6:00 a.m. to 8:00 p.m. Central Time.
The breach highlights ongoing challenges in securing personal data across digital platforms and serves as a stark reminder of the importance of cybersecurity vigilance for businesses and consumers alike.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
