Hertz Hit by Ransomware

Summary

Hertz confirms customer data breach after Clop ransomware gang exploits Cleo zero-day vulnerability. Sensitive data like names, contact details, driver’s licenses, and even Social Security numbers were exposed. Hertz offers two years of free identity protection and urges vigilance.


Main Story

So, the word’s out: Hertz, yeah, the rental car giant with Dollar and Thrifty under its wing, got hit with a pretty serious data breach. Turns out, those infamous Clop ransomware guys found a sneaky way in through a vulnerability in some file transfer software. This wasn’t Hertz’s own software, mind you, but one from a third-party vendor called Cleo Communications. The timeline’s a bit messy: it looks like it happened somewhere between October and December of 2024, but only came to light in February of 2025. That’s a pretty big time gap, and it really showcases how hard it can be to detect these things quickly. All this means that potentially a whole lot of customer data is now floating around out there.

What Exactly Was Exposed?

This is where it gets a bit scary. It’s not just one type of info, it seems to be a mixed bag, and varies depending on the customer and where they’re located. The kind of stuff that was taken includes things like:

  • Names. Obviously.
  • Contact details, addresses, phone numbers, the usual.
  • Dates of birth. Used often for identity confirmation, sadly.
  • Driver’s license numbers. Big red flag, that one.
  • Credit card details. No explanation needed here, yikes.
  • And, to really make matters worse, in some cases, Social Security numbers, passport details, and other government IDs. Basically, everything you need to steal someone’s identity.
  • And, get this, workers’ compensation claim data too! Including Medicare/Medicaid IDs and details about injuries in some cases. Honestly, it’s a real mess.

It affects customers across all three brands, Hertz, Dollar, and Thrifty. The exact number of people impacted? Hertz isn’t saying. However, according to Maine’s Attorney General, over 3,000 residents there got notifications, and folks in California and Vermont got them too. I’d bet it’s a much larger number than that, spread across the US, and perhaps beyond.

Cleo, Clop, and How It Happened

The heart of the issue? A zero-day vulnerability, labeled CVE-2024-55956, in Cleo’s file transfer software. Think of a zero-day as a hole in the wall that nobody knows is there yet. The Clop ransomware gang exploited this weakness, specifically in older versions of the software (before version 5.8.0.24). The vulnerability allowed them to get in and run commands they shouldn’t have been able to.
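If you run Cleo's software yourself, the version number above is the thing to check first. Here's an added example (not from Hertz, Cleo, or the original article) that sorts an asset inventory against the 5.8.0.24 cutoff; the hostnames, versions, and the `host,version` inventory format are all made up for illustration.

```python
import re

# From the article: versions before 5.8.0.24 are affected by CVE-2024-55956.
FIXED = (5, 8, 0, 24)

# Constructed sample inventory, one "host,version" pair per line (assumed format).
INVENTORY = """\
mft-prod-01,5.8.0.21
mft-prod-02,5.8.0.24
mft-dr-01,5.10.0.3
mft-test-01,5.7
mft-legacy,unknown
"""

def parse_version(text):
    """Return a 4-part integer tuple, or None if text is not a dotted version."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){0,3}", text):
        return None
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))  # "5.7" -> (5, 7, 0, 0)

def triage(inventory):
    """Map each host to 'vulnerable', 'ok' or 'unknown'."""
    result = {}
    for line in inventory.splitlines():
        if not line.strip():
            continue
        host, _, raw = line.partition(",")
        version = parse_version(raw)
        if version is None:
            result[host] = "unknown"      # no usable version: check by hand
        elif version < FIXED:             # numeric compare, so 5.10 > 5.8
            result[host] = "vulnerable"
        else:
            result[host] = "ok"           # at or above the version the article names
    return result

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host}: {status}")
```

Comparing the versions as plain strings would put 5.10.0.3 below 5.8.0.24 and flag a newer install as affected, which is why the parts are compared as integers.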

And the attack? It was pretty sophisticated, involving planting malicious files, getting persistent access through webshells, and all that jazz. Clop didn’t just target Hertz either; they went after over 60 companies using Cleo’s software in a mass-hacking campaign. Interestingly enough, Hertz initially denied any breach, even after Clop named them on their dark web leak site. Clearly, they weren’t aware of the full scope of the problem at the time.

What This Means for Customers and Hertz’s Reaction

Let’s be real, this is bad news. The data exposed could lead to all sorts of headaches for those affected, from identity theft to phishing scams, to even getting fraudulent credit accounts opened in their name. If your Social Security number was compromised, it’s a whole other level of trouble. I mean, how many times have we heard the advice to protect your SSN? Now imagine it’s out there in the wild. Nightmare fuel, really.

Hertz is offering two years of free identity protection through Kroll, which is a good start. They also strongly recommend that everyone monitors their accounts, checks their credit reports, and considers freezing their credit. Of course. They claim their own systems weren’t directly impacted, but acknowledge the vendor screw-up. It’s good they’re trying to take the proper steps to correct their error.

Data Breaches: The New Normal?

Honestly, incidents like this just underscore how risky things are in the digital world. It’s the third-party vendors that can really get you. They can act as a backdoor, and cause massive damage. It can hurt business, damage reputations, and completely ruin lives. Which is why it’s so crucial to have solid security in place, manage vulnerabilities proactively, and to have a plan ready to go the second you find out something’s wrong. It’s not a matter of if, but when, you know?

So, How Do You Protect Yourself?

Alright, let’s say you think you might be affected by the Hertz breach. What should you do right now? Well:

  • Sign up for that free identity protection from Hertz. No brainer.
  • Keep a very close eye on your bank accounts. Look for anything unusual.
  • Check your credit reports regularly. You can get them for free from AnnualCreditReport.com.
  • Think about putting a fraud alert or security freeze on your credit. It makes it harder for someone to open new accounts in your name.
  • If you think you’ve been a victim of identity theft, report it to the FTC or your local police.
  • Be extra careful about phishing emails, phone calls, and texts. Don’t click on links or give out personal info unless you’re absolutely sure who you’re talking to.

I won’t lie, following these steps won’t guarantee anything, but they definitely help reduce the risks, dramatically in some cases. Staying up to date with the latest in security, and things like keeping software up to date, is also really important. What else can you really do? Just hope for the best, really.

9 Comments

  1. Given that the breach stemmed from a third-party vendor, what specific measures can organizations implement to more rigorously assess and continuously monitor the security posture of their vendors, thereby mitigating such risks in the future?

    • That’s a great question! Continuous monitoring is key. Things like regular security audits, penetration testing of vendors, and clearly defined security expectations in contracts are essential. Establishing a robust vendor risk management program can definitely help mitigate these risks. What tools do you find most effective for vendor assessment?

      Editor: StorageTech.News

      Thank you to our Sponsor Esdebe

  2. The delayed detection highlights the critical need for continuous security monitoring and incident response planning. Implementing robust security information and event management (SIEM) systems could improve the speed of breach detection and reduce the window of opportunity for attackers.

    • That’s a great point! SIEM systems are crucial. It’s not just about having them, but also configuring them correctly and having a team ready to respond to alerts. Alert fatigue is a real problem. What strategies do you find most effective for tuning SIEM systems to minimize false positives and ensure timely responses?

      Editor: StorageTech.News

  3. The mention of a “messy” timeline highlights a significant challenge in incident response. Early detection is vital, but so is accurately scoping the impact. How can organizations better balance speed and thoroughness when investigating potential breaches?

    • That’s a great question! Balancing speed and thoroughness is definitely a tightrope walk. Perhaps focusing on pre-incident planning with well-defined roles and responsibilities, along with threat intelligence platforms, can help organizations quickly assess the scope while minimizing disruption. What are your thoughts?

      Editor: StorageTech.News

  4. Social Security numbers AND worker’s compensation details? Did Clop win the identity theft lottery? I wonder if Hertz considered just giving everyone a free rental car as compensation. Maybe a *really* long rental.

    • That’s an interesting idea! A really long rental might be a good way to rebuild some trust. It highlights the need for companies to think creatively about compensating customers after a breach. What innovative solutions have you seen companies offer in similar situations?

      Editor: StorageTech.News

  5. Hertz offering identity protection is generous, but I wonder if they’ll start offering hacking insurance add-ons at the rental counter now? “For just $5.99 extra, protect your data while on the road!”
