Hertz Says Customers' Personal Data, Driver's Licenses Stolen In Data Breach

Hertz, including its Dollar and Thrifty brands, experienced a data breach impacting customer information. The breach, occurring between October and December 2024, stemmed from a cyberattack on vendor Cleo. Stolen data varied by region but included names, birthdates, contact details, driver's licenses, and payment information. A smaller subset of customers also had Social Security numbers and other government IDs compromised. Affected regions include Australia, Canada, the EU, New Zealand, the UK, and several US states. Notices were posted on Hertz websites for affected customers. Hertz confirmed at least 3,400 Maine customers were affected, but the total number remains undisclosed. A Hertz spokesperson stated the number affected is not in the millions. The breach is linked to Cleo, a software vendor previously targeted by a Russia-linked ransomware group. The full extent of the breach's impact is still being assessed.