Hertz Data Breach Impacts Customers Worldwide

Hertz Corporation has confirmed a significant data breach affecting its customers worldwide, stemming from vulnerabilities in software provided by its vendor, Cleo Communications. The breach, which occurred between October and December 2024, exposed sensitive personal information, including names, contact details, credit card data, driver's licenses, and potentially Social Security numbers and other government-issued IDs. The Clop ransomware gang, notorious for exploiting zero-day vulnerabilities, has claimed responsibility for the attack. While Hertz has reported the incident to law enforcement and is notifying affected individuals, the full extent of the breach remains unclear, though at least 3,400 customers in Maine were impacted. The company is offering two years of free identity monitoring services to those affected and insists there is no evidence of misuse of the compromised data so far.