
Exclusive: Hertz Australia confirms Australian customers impacted by global Hertz data breach

Hertz has begun notifying customers whose data – including driver’s licenses, payment card information, and passports – was compromised via a 2024 Cleo file-sharing vulnerability.


Car rental firm Hertz Corporation has begun notifying customers caught up in a December data breach, and Hertz Australia has confirmed that some Australian customers’ personal data has also been compromised.

According to the website of the Maine Attorney-General, customer notifications were sent out on 11 April, with Hertz saying in that notification that it confirmed the data breach on 10 February.

The breach came about due to a third-party incident impacting file-sharing platform Cleo, which was compromised en masse by the Clop cyber extortion operation in October.

“Cleo is a vendor that provides a file transfer platform used by Hertz for limited purposes. On February 10, 2025, we confirmed that Hertz data was acquired by an unauthorised third party that we understand exploited zero-day vulnerabilities within Cleo’s platform in October 2024 and December 2024,” Hertz said in its data breach notification.

“Hertz immediately began analysing the data to determine the scope of the event and to identify individuals whose personal information may have been impacted.”

This investigation was completed on 2 April, when it was confirmed that Australian customers may have been exposed. The possibly impacted data includes name, contact information, date of birth, driver’s license, and payment card information.

“A very small number of such individuals may have had their passport information impacted by the event,” Hertz Australia said in its own data breach notification.

“While Hertz is not aware of any misuse of personal information for fraudulent purposes in connection with the event, we encourage potentially impacted individuals, as a best practice, to remain vigilant to the possibility of fraud or errors by reviewing account statements and monitoring credit reports for any unauthorised activity and reporting any such activity.”

Hertz has also confirmed to Cyber Daily that its internal network has not been compromised.

“Importantly, to date, our forensic investigation has found no evidence that Hertz’s own network was affected by this event,” a Hertz spokesperson said.

Hertz was initially listed on Clop’s darknet leak site on 24 December 2024, as one of dozens of organisations impacted by Clop’s compromise of the Cleo platform. That data was then published one month later, on 24 January 2025, alongside data from Australian companies Ampol, Linfox, and Steel Blue.

“The company doesn’t care about its customers, it ignored their security!!!” Clop said in its Hertz leak post. Clop currently hosts 139 unique Zip archives of Hertz data on its website.

Cyber Daily has asked Hertz for confirmation of how many Australians have been impacted by this data breach.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
