The popular car rental company Hertz has confirmed that the Hertz, Thrifty and Dollar rental car brands fell victim to the Cleo zero-day data theft attacks that occurred late last year. This data breach, which occurred in October and December 2024 was confirmed on February 10, 2025, and could include critical personal information.
As reported by BleepingComputer, the personal data that was stolen could potentially include customer names, contact information, dates of birth, credit card information, drivers licenses, and possibly information related to workers compensation claims. However, customers' Social Security numbers, government identification numbers, passport information, Medicaid or Medicare ID or injury related information associated with any vehicle accident claims may have also been accessed in this breach.
Hertz has not shared how many customers may have been affected by the breach, and said that the data stolen will vary by individual. The Maine Attorney General’s office has reported that 3,409 people in that state are receiving notifications about the breach; notifications has also been shared with customers in California and Vermont, though those states do not report the number of impacted individuals.
The group responsible, Clop, exploited a zero-day vulnerability in the Clop managed file transfer programs Cleo Harmony, VLTrader and LexiCom and has taken responsibility for attacks on 66 companies including Western Alliance Bank, WK Kellogg Co, and Sam's Club.
How to stay safe
Hertz is offering affected customers two years of free access to the best identity theft protection services through Kroll. While we haven't reviewed this particular service yet, Kroll does have an A- rating with the Better Business Bureau. If you've been notified that your personal and financial data was affected in this breach, you can head here to enroll in Kroll's identity theft protection.
Besides providing access to identity theft protection, Hertz is also advising affected customers to look out for signs of potential fraud. Likewise, you can also look into a credit freeze as well and the company includes information on how to do this in a data breach notification (PDF) it sent out to affected individuals.
As threat actors now have access to the personal and financial data of Hertz customers, impacted individuals will need to be on high alert for targeted phishing attacks both in their inboxes and in their social media accounts as well as offline via phone calls and through the mail.
You want to make sure you familiarize yourself with the common signs of a phishing attack and be sure to never interact with any links, QR codes or attachments from unknown or unexpected sources. If you receive something that seems suspicious from a friend, family member or even a coworker, contact the sender directly to confirm what they may have sent. Enter in URLs directly instead of clicking on links in messages, emails or texts and you also want to take the time to carefully inspect every link you visit.
If you're looking for added protection on your system, make sure you're protected with one of best antivirus software solutions which often include extra security features like a VPN, a password manager and a hardened browser.
Data breaches like the one detailed above have the potential to completely derail your life even if you've done nothing wrong. Fortunately though, Hertz is providing identity theft protection free of charge for two years so if you're impacted by this breach, make sure you claim this offer and sign up before it's too late.
