Hertz Data Breach: Millions of Customers Affected by Cleo Software Vulnerability
The car rental giant Hertz recently announced a significant data breach affecting a substantial number of its customers globally. This breach, spanning October to December 2024, exposed sensitive personal information, highlighting the critical risks associated with third-party vendor vulnerabilities.
The Scope of the Breach
Hertz confirmed that the breach involved the compromise of customer data through its vendor, Cleo Software. The stolen data varied by region but generally included names, dates of birth, contact information, driver’s licenses, payment card information, and workers’ compensation claims. A smaller, but still concerning, number of customers also had their Social Security numbers and other government-issued identification numbers compromised. While Hertz hasn’t released the exact number of affected individuals, the company acknowledged the number is significant, impacting thousands in Maine alone and likely millions worldwide.
Hertz has issued notifications to customers in Australia, Canada, the European Union, New Zealand, the United Kingdom, and several U.S. states, including California and Maine. The lack of a precise figure regarding the total number of affected individuals leaves many customers anxiously awaiting further clarification.
The Role of Cleo Software and the Clop Ransomware Gang
The root cause of the breach can be traced to a cyberattack on Cleo Software, a vendor Hertz utilized for data transfer. Cleo Software became a victim of the notorious Clop ransomware gang in 2024, suffering a mass-hacking campaign that exploited a zero-day vulnerability in its enterprise file transfer products. This vulnerability allowed the Clop gang to access sensitive data belonging to many of Cleo’s corporate clients, including Hertz.
The Clop ransomware gang is known for its sophisticated tactics and large-scale attacks. Their exploitation of the zero-day vulnerability in Cleo’s system allowed them to steal vast amounts of data from dozens of companies, making this one of the most significant mass-hacks of 2024. Interestingly, Hertz initially claimed to have no evidence of its data being affected after the Clop attack was publicized last year. However, the recent disclosure reveals that Hertz data was indeed acquired by the unauthorized third party exploiting the vulnerability within Cleo’s platform.
Hertz’s Response and Lessons Learned
Hertz maintains that its own network was not directly compromised. The breach stemmed solely from the vulnerability within Cleo Software’s system. While this distinction might offer some comfort, it underscores the critical importance of rigorous vendor security assessments and due diligence. Companies relying on third-party vendors for data processing and storage must ensure their partners maintain robust security measures to protect sensitive customer information.
The Hertz data breach serves as a stark reminder of the interconnected nature of cybersecurity risks. Even with strong internal security, a single vulnerable vendor can expose an entire organization to significant data breaches. This incident highlights the need for a holistic approach to cybersecurity, encompassing not only internal security measures but also rigorous oversight of third-party vendors and their security practices.
What Can Customers Do?
Hertz customers affected by this breach should remain vigilant and take proactive steps to protect themselves. This includes monitoring their credit reports for any unusual activity, changing passwords for online accounts, and reporting any suspicious activity to the appropriate authorities. Staying informed about the latest security threats and best practices is crucial in mitigating potential risks.
The Future of Data Security
The Hertz data breach is a significant event in the ongoing battle against cybercrime. It highlights the critical need for increased security measures across all industries, especially those handling vast amounts of sensitive personal data. The reliance on third-party vendors demands a higher level of transparency and accountability, necessitating the development of more robust security standards and regulations. The continuing evolution of sophisticated cyberattacks necessitates a proactive and adaptive approach to cybersecurity, requiring continuous investment in security technology and employee training.
The incident serves as a cautionary tale for both organizations and individuals, emphasizing the importance of constant vigilance and proactive security measures in the face of ever-evolving cyber threats. The ongoing investigation and resolution of this breach will undoubtedly shape future cybersecurity practices and highlight the necessity for collaboration between organizations, vendors, and regulatory bodies in combating these escalating threats.
Source: TechCrunch