Data of nearly 300,000 exposed in Avis cyberattack

Avatar

Car rental giant Avis said a cyberattack in August exposed the sensitive information of almost 300,000 people across several U.S. states.

None of the data breach notifications, which were first reported by BleepingComputer, say what information was taken during the cyberattack. 

But the letters say the company discovered the attack on August 5. An investigation revealed that the hackers had access to Avis systems from August 3 to August 6. 

By August 14, the company determined that names and other pieces of personal information were accessed by the hackers. Victims are being offered one year of credit monitoring services. 

Breach notifications letters were filed with regulators in California, Maine, Texas, Massachusetts, Vermont and several other states

The company did not respond to requests for comment about how many people were affected and what information was exposed, but the filing in Maine says 299,006 people had data stolen. 

Avis, headquartered in New Jersey, reported revenues of $3 billion for the second quarter of 2024. Avis is the one of the largest U.S. car rental companies alongside other firms like Hertz, Enterprise and Budget. 

The incident has caused alarm among renters in light of the startling expansion in data collection practices by car companies. Most people now sync their smartphones to cars — even rental cars — exposing troves of sensitive information to vehicles that are then handed back to agencies like Avis. 

Earlier this year, truck rental company U-Haul said 67,000 people in the U.S. and Canada had driver’s license numbers and other identification card numbers leaked during a cyberattack.

CybercrimeIndustryNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

CISA says SonicWall bug being exploited as experts warn of ransomware gang use

Next Post

Official: DHS cyber review board will announce next investigation ‘soon’

Related Posts