More than 100,000 had information stolen from Hertz through Cleo file share tool

Hertz has suffered a significant data breach affecting thousands, with hackers exploiting a flaw in the Cleo file sharing tool. The company is now in damage control mode, notifying affected customers and regulatory bodies across various states.

Summary

In a recent report, it was revealed that over 100,000 individuals had their sensitive data stolen from Hertz due to a security vulnerability within the Cleo file-sharing tool. This breach highlighted the risks associated with using third-party software for data management. Hertz’s disclosure to state regulators indicated that a substantial number of residents in states like Texas and Maine were affected, with the nationwide total likely even higher. The company has begun notifying victims and is offering identity protection services as mitigation.

Key Points

Over 100,000 individuals’ sensitive data, including Social Security numbers and driver’s licence details, were compromised.
The breach stemmed from a zero-day vulnerability in the Cleo file-sharing platform.
Hertz has reported data breaches to regulators in states such as California, Iowa, and Texas.
In Texas alone, 96,665 residents were affected, and 3,409 in Maine.
The company is providing two years of identity protection services through Kroll for affected individuals.
Numerous other companies have reported similar breaches due to the Cleo vulnerability.
Hertz’s network was not directly compromised, but data was still acquired by unauthorised parties.

Why should I read this?

If you’ve ever rented a car or used Hertz services, this should raise a few alarm bells. It’s a stark reminder about the importance of data security—especially when third-party tools are in play. Knowing how such breaches happen can help you better protect your own personal information and understand the risks businesses face when handling sensitive customer data. Don’t ignore it; stay informed!