The Hertz Corporation has confirmed that sensitive personal information belonging to customers of its Hertz, Dollar, and Thrifty brands was compromised after hackers targeted a vendor’s file transfer platform.
The breach has sparked concerns about identity theft and privacy, prompting Hertz to offer free identity monitoring services for affected individuals.
According to an official notice issued by Hertz, the breach stemmed from an attack on Cleo Communications US, LLC (“Cleo”), a third-party vendor that manages a file transfer platform for the car rental giant.
The platform was exploited through zero-day vulnerabilities in October and December 2024, allowing unauthorized parties to acquire Hertz data.
Hertz stated it became aware of the breach on February 10, 2025, and completed a comprehensive analysis by April 2, 2025, to determine the scope of affected data and individuals.
The potentially exposed information includes:
For a small subset of individuals, additional sensitive information—such as Social Security numbers, passport information, Medicare or Medicaid IDs, and injury data related to vehicle accident claims—may also have been exposed.
Hertz emphasized that, to date, there is no evidence of fraudulent use of the compromised data.
Still, the corporation is urging those affected to remain vigilant, monitor their financial accounts, and check their credit reports for unusual activity.
Hertz has confirmed that Cleo has taken steps to investigate and secure the vulnerabilities that led to the incident.
The incident has been reported to law enforcement and relevant regulators, demonstrating Hertz’s commitment to transparency and regulatory compliance.
To assist potentially impacted individuals, Hertz has contracted Kroll, a prominent risk consultancy, to provide two years of complimentary identity or dark web monitoring services.
U.S. residents who may have been affected are encouraged to sign up for these services at Kroll’s registration page.
Advice for Customers
While no misuse of information has been reported, experts recommend that customers:
Customers with questions can contact Hertz’s dedicated helpline at (866) 408-8964, Monday through Friday from 6:00 a.m. to 8:00 p.m. Central Time.
The breach highlights ongoing challenges in securing personal data across digital platforms and serves as a stark reminder of the importance of cybersecurity vigilance for businesses and consumers alike.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
Security researchers have disclosed three critical vulnerabilities in the Netgear EX6200 Wi-Fi range extender that…
A high security flaw in Tesla’s Model 3 vehicles, disclosed at the 2025 Pwn2Own hacking…
As quantum computing transitions from theoretical research to practical application, Chief Information Security Officers (CISOs)…
A high vulnerability in Apache ActiveMQ’s .NET Message Service (NMS) library has been uncovered, enabling…
Commvault, a global leader in data protection and information management, has confirmed that a sophisticated…
The Federal Bureau of Investigation (FBI) has revealed the existence of 42,000 phishing domains associated…