Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
The car rental giant Hartz has begun notifying a data violation of its customers so that they include their personal information and driver’s license.
The rental company, which also owns the dollar and the threift brand, said On the notice of its website The breach that is related to one of its sellers from October 2024 to December 2024 is related to a cybertack of one of its sellers.
The stolen data varies according to the region but mainly includes the name of the Hartz customer, date of birth, contact information, driver’s license, payment card information and workers’ claims. Hartz said that a small number of customers violated their social security numbers, in addition to the number of other government-detected identifications.
Notifications on Hartz’s websites reveal to customers Australia, CanadaThe European Union, New ZealandThe UKThe
Hartz also expressed violations with several US states, including California and Maine. Hartz said that at least 5 customers were affected in Maine but did not listen to the total number of the victims, which are probably likely to be significantly higher.
Hartz spokesperson Emily Spencer, do not supply TechCrunch with a certain number of people affected by violations but said that it would “be millions of millions” customer will suffer.
The company has blamed Cleo software to violate the breach, which was last year In the center of a mass-hacking promotion By a Russian-connected Ranswear gang.
Hartz is one of a dozen companies that used Cleo software during their data theft. Klopp Ranswar Gang claimed last year an exploited Zero-day weakness Clear’s widely used enterprise file transfer products, which allows companies to share large sets of sensitive data on the Internet. In violation of these systems, hackers steal data rims from Clear Corporate customers.
Only then does the Clop Ranswire Gang claimed on his Dark ৰ web leaky site that it was. Steal data from about 60 companies Using the bug on their Cleo system. In the next post, Klopp demanded a few dozens of complaint corporate victims.
Data becomes one of the campaigning promotions The most notable mass-hacks of 2024The
At that time, Hartz, named on the site of Klopp, said there was no evidence that hearts or hearts were affected.
On Monday, the Hartz spokesperson told TechCrunch that it was influenced by Hartz’s own network violation, but confirmed that Heartz Data was acquired by a unauthorized third party that we understood the vulnerable of the blank-day weakness in Clear’s platform 2024 and December 2024.
On Monday, a Cleo Executive did not respond to TechCrunch investigation.