Aussie Hertz car renters hacked by Clop, cybercriminal organisation
It has been confirmed that Aussies’ data, including passports, may be compromised if they have rented a car from this major company, even once.
National Breaking News
Don't miss out on the headlines from National Breaking News. Followed categories will be added to My News.
Hertz corporation customer data has been impacted from file-sharing platform Cleo being compromised by a cyber extortion operation in October last year.
Although the third-party incident occurred last year, it was just confirmed this month that Australian customers may be impacted by the attack conducted by cybercriminal organisation Clop.
Passports, driver’s licenses, card information and other private details such as name, date of birth, phone numbers, and email addresses could now be exposed.
Clop previously published the compromised data on its site, along with other Australian companies on the hit list, such as Steelblue, Linfox and Ampol.
129 Zip archives of Hertz data are currently sitting on Clop’s dark web leak site.
“The company doesn’t care about its customers, it ignored their security!!!” Clop said on the post containing the Hertz leak.
In a Notice of Data Incident statement, Hertz Australia reassured customers.
“Hertz takes the privacy and security of personal information seriously,” the statement read.
It goes on to outline that Cleo has now investigated the event and addressed identified vulnerabilities.
The incident has also been reported to law enforcement by Hertz, who are also in the process of reporting the event to regular regulators.
“Out of an abundance of caution” Hertz said it has also secured the services of cybersecurity company Kroll to provide two years of identity monitoring services to potentially impacted individuals at no cost.
However, the car rental company told potential victims to stay vigilant.
“While Hertz is not aware of any misuse of personal information for fraudulent purposes in connection with the event, we encourage potentially impacted individuals, as a best practice, to remain vigilant to the possibility of fraud or errors by reviewing account statements and monitoring credit reports for any unauthorized activity and reporting any such activity.”
A Hertz spokesperson said: “At Hertz, we take the privacy and security of personal information seriously. This vendor event involves Cleo, a file transfer platform used by Hertz for limited purposes. Importantly, to date, our forensic investigation has found no evidence that Hertz’s own network was affected by this event. However, among many other companies affected by this event, we have confirmed that Hertz data was acquired by an unauthorized third party that we understand exploited zero-day vulnerabilities within Cleo’s platform in October 2024 and December 2024. “
Originally published as Aussie Hertz car renters hacked by Clop, cybercriminal organisation
Star Victory keeper injured
Melbourne Victory’s bid to cement an A-League finals berth has been hit by an injury blow.
Iconic Aussie TV and film actor dies
Australian TV and film legend Gerard Kennedy, the star of classics such as The Flying Doctors and Division 4, has died aged 93.