Particle.news
Download on the App Store
4 ARTICLES
·
3w ago

Hertz Confirms Data Breach Exposing Sensitive Customer Information

The breach, linked to vulnerabilities in a vendor's software, affected at least 3,400 customers in Maine with the total impact still under investigation.

Cars are parked near Hertz car rental signage at John F. Kennedy International Airport in Queens, New York City, U.S., March 30, 2022. REUTERS/Andrew Kelly
Image

Overview

  • Hertz has disclosed a data breach involving personal customer information, including driver’s licenses and, in some cases, Social Security numbers.
  • The breach occurred between October and December 2024, exploiting zero-day vulnerabilities in Cleo Software’s platform, a vendor used by Hertz.
  • At least 3,400 customers in Maine have been impacted, though the total number of affected individuals remains unclear.
  • Hertz has notified regulatory bodies and customers across multiple regions, including the U.S., Canada, Australia, and the European Union.
  • The incident highlights the growing risks of third-party software vulnerabilities, with Cleo previously targeted in a mass-hacking campaign by the Clop ransomware gang.