Hertz, Dollar, Thrifty: 1 Million People, Same Breach

Hertz disclosed a breach affecting over a million people across Hertz, Dollar, and Thrifty brands. Names, contact info, dates of birth, credit cards, driver’s licenses, workers’ comp claims. Some had SSNs and passports exposed.

The root cause? Zero-day vulnerabilities in Cleo’s file transfer platform — exploited by the Clop ransomware gang back in late 2024.

This wasn’t Hertz’s own systems. It was a third-party vendor.

That’s the thing about supply chain risk: you inherit every vulnerability from every vendor you trust with your data. And your customers don’t care whose fault it is — they just know their information got leaked.

Know your vendors. Know what data they hold. Know what happens when they fail.

Read more at Strobes Security

Hertz, Dollar, Thrifty: 1 Million People, Same Breach

Related Posts

From Resume to Ransom: When Your Staffing Agency Becomes the Target

1.4 Million Insurance Customers. One Social Engineering Call.

6 Million Qantas Customers. One Third-Party Call Center.

Coca-Cola's Employee Data Leaked After Ignored Ransom