Most companies use different sellers to operate a different Parts of their workLike customer management, financial affairs, salary statements and social media. To do this, they share access to customer data with these platforms. The issue is that not all sellers take cybersecurity seriously, and that infiltrators realize this well.
More and more, attackers follow these weakest links in the digital supply chain. These types of violations often occur quietly, as they offer large quantities of customer information without touching the company’s main systems. It has become a serious concern for both companies and customers.
One of the most recent HERTZ cases includes a car rental giant, which recently confirmed that the customer’s data has been due to the electronic attack on a software sellers.
Join the free “Cyberguy Report”: Get expert advice experts, critical safety alerts and exclusive deals, as well as immediate access to my country free “The ultimate survival guide “ When registering!
HERTZ Rental site (Hertz)
What happened in Hurtz?
HERTZ, the global car rental company that also runs the dollar and excellence, It revealed the data breach It affects thousands of its customers. The accident stems from an electronic attack on one of the third -party sellers, the Software provider, between October and December 2024. The breach of the internal Hirtz systems did not harm, but it included data that was shared with the seller as part of the operating workflow.
The data at risk varies depending on the region, but it includes sensitive personal information such as names, birth dates, contact details, driving license numbers, and in some cases, social security numbers and other identifiers issued by the government. Certain financial informationIncluding the details of the payment card and workers’ compensation demands, was also among the stolen records.
In the United States, disclosures were made with the organizational bodies in California, Texas and Maine. Specifically, 3457 individuals were affected in Mine and 96665 in Texas. However, the total global influence is believed to be much greater. Customers were notified in Australia, Canada, the European Union, New Zealand and the United Kingdom by breach notifications on Hertz regional sites.
What is artificial intelligence (AI)?
The breach is believed to be action Clop Ransomware GangA group of associated piracy Russia. CLOP took advantage of a security vulnerability for the zero day in the CLEO file transfer program, and the technology used by many large institutions to securely sensitive business data. In 2024, the gang launched a large prepared campaign targeting Cleo users, and stealing data from more than 60 companies, including Hertz.
Interestingly, while Hertz was named on the dark web leakage site in Klopp in 2024, the company initially stated that it was “no evidence” of its systems or statements that have been at risk.
When CyberGuy called him, a HERTZ spokesman said: “In Hertz, we take the privacy and security of personal information seriously. This seller’s event includes Cleo, the platform for transferring files that Hertz used for limited purposes. The third unauthorized third party that we understand weaknesses on the day of the Cleio platform in October 2024 and December 2024.”
HERTZ Rental site (Hertz)
200 million records for social media were leaked in the main X data breach
What does this mean to customers?
While the internal systems of the port as anzurz, exposure to personal data, including the driving license numbers, contact details and identifiers issued by the government, are serious risks. The affected individuals may be vulnerable to ID theftFraudulent account holes and targeting them Hunting attempts. If the social security numbers are involved, then the capabilities of the damage increase significantly. Any person who is renting from a hertz, dollar, or wealth between October and 2024 should be at a state of high alert.
Pirates at work (Cyberguy “Knutsson)
Mescape programs display 3.9 billion passwords in the threat of huge cybersecurity
7 Ways to protect yourself after violating the hertz data
If you think you are affected or just want to be careful, here are some of the steps that you can now take to stay safe from the HRTZ data breach.
1. Watch out for delicious fraud and use strong antivirus programs: By accessing your e -mail, phone number or identity documents, attackers can formulate emails to hunt the deception that pretends to be health care providers or banks. Email messages may include these harmful links designed to install harmful programs or steal login information. To defend yourself, use a strong antivirus program. Get the best winners of the Virus Control Protection 2025 for Windows, Mac, Android and iOS devices.
2. Rub your data from the Internet using the personal data removal service: The more your personal information on the Internet, the easier it was to use it against you. After violating Hertz, consider removing your information from public databases and people search sites. Check the best data removal choices here.
3. Protection from identity theft and use identity theft protection: Platformists can now access high -value information from Hertz breach, including social security, driving and banking license. This makes you a major target for stealing identity. They can also help you freeze bank accounts and credit card accounts to prevent more unauthorized use by criminals. Participation in the protection of the theft of the monitoring identity gives you the clock throughout the week, and alerts of unusual activity and support if you are stolen. Watch my advice and best choices on how to protect yourself from stealing identity.
Get Fox Business on the Go by clicking here
4. Prepare fraud alerts: Fraud alerts ask to notify the creditors that they need to have additional verification before the credit is issued. You can request fraud alerts through any of the three main credit offices; They will notify others. This adds another layer of protection without getting to the credit completely.
5. Monitor your credit reports: Check your credit reports regularly through Innualcreditreport.comWhere you can access free reports from each office once a year or more if you are interested in fraud. Discovering unauthorized accounts early can prevent greater financial damage.
6. Change passwords and use the password manager: Update passwords on any accounts related to the risk data. Use unique passwords that are difficult to guess and leave the password manager to raise heavy by creating safe boxes for you. Passwords reuse them are an easy goal after violations. Consider the password managers for rest and safety. Get more details about my country The best password managers reviewed by experts in 2025 here.
7. Be careful of social engineering attacks: Snements may use stolen details such as names or birth dates of violations in phone fraud or fake customer service calls designed to deceive you to detect more sensitive information. Never share personal details on calls or unwanted emails. Social engineering attacks depend on trust, and vigilance is the key.
Hittons who use malware to steal data from USB drives
Court Kisa Curt
Internet risk does not always come from the company’s private network. It is often established in invisible corners of the digital supply chain. Even as companies decrease in internal cybersecurity, they should be equally strict in how to check and monitor third -party sellers. For consumers, it is no longer sufficient to confidence in the big brand on the poster. Data track is wider, the attack surface is greater and the consequences are more mysterious.
Click here to get the Fox News app
If companies are not able to protect our data, do they have to be allowed to collect a lot of them? Let’s know through our writing in Cyberguy.com/contact.
For more technical advice and security alerts, participated in the free newsletter of Cyberguy Report by going to Cyberguy.com/newsledter.
Ask Court a question or tell us about the stories you want to cover.
Follow Court on his social channels:
Answers to the most amazing Cyberguy questions:
New from Court:
Copyright 2025 Cyberguy.com. All rights reserved.
