Hertz, Dollar, Thrifty: 1 Million People, Same Breach

Hertz disclosed a data breach affecting over a million people across Hertz, Dollar, and Thrifty brands. Names, contact info, dates of birth, credit cards, driver’s licenses, workers’ comp claims. Some had SSNs and passports exposed — all PII.

The root cause? Zero-day vulnerabilities in Cleo’s file transfer platform — exploited by the Clop ransomware gang back in late 2024.

This wasn’t Hertz’s own systems. It was a third-party vendor.

That’s the thing about supply chain risk: you inherit every vulnerability from every vendor you trust with your data. And your customers don’t care whose fault it is — they just know their information got leaked.

Know your vendors. Know what data they hold. Know what happens when they fail.

Try Free Risk Scanner | Risk Finder Pricing

Read more at Strobes Security

Hertz, Dollar, Thrifty: 1 Million People, Same Breach

Related Posts

From Resume to Ransom: When Your Staffing Agency Becomes the Target

1.4 Million Insurance Customers. One Social Engineering Call.

6 Million Qantas Customers. One Third-Party Call Center.

Coca-Cola's Employee Data Leaked After Ignored Ransom