Leak at Hertz
On 15 April 2025, car-rental company Hertz disclosed a data breach stemming from the late-2024 zero-day exploitation of Cleo's file-transfer software by the CL0P group, exposing customer names, contact details, dates of birth, driver's licences, credit-card and passport data.
- Victim
- Hertz
On 15 April 2025, Hertz — the global car-rental company, which also operates the Dollar and Thrifty brands — confirmed a data breach affecting an undisclosed number of customers. The incident did not result from a direct intrusion into Hertz's own systems but from a supply-chain compromise at one of its vendors, Cleo Communications.
The breach traces back to the CL0P ransomware group's mass exploitation of zero-day vulnerabilities (CVE-2024-50623 and CVE-2024-55956) in Cleo's managed file-transfer products — Harmony, VLTrader and LexiCom. Attackers accessed Hertz data through this platform in October and December 2024. Hertz confirmed the unauthorised access on 10 February 2025 and completed its data analysis around 2 April 2025 before notifying affected individuals.
Data exposed varied by customer but could include:
- Names and contact details
- Dates of birth
- Driver's licence information
- Credit-card information
- Passport details
- For a smaller subset: Social Security numbers, other government IDs and workers' compensation claim information
Hertz declined to give a total figure but said it would be "inaccurate to say millions" were affected; regulatory filings confirmed at least 3,400 customers in the US state of Maine. The company reported the incident to law enforcement and regulators, said it had found no evidence of fraudulent misuse, and offered free identity-monitoring services to higher-risk individuals.
Sources
- next.inkhttps://next.ink/brief_article/hertz-sest-fait-derober-des-donnees-clients-permis-passeports-cartes-de-credit/
- malwarebytes.comhttps://www.malwarebytes.com/blog/news/2025/04/hertz-data-breach-caused-by-cl0p-ransomware-attack-on-vendor
- infosecurity-magazine.comhttps://www.infosecurity-magazine.com/news/hertz-data-breach-exposes-customer/
- computerweekly.comhttps://www.computerweekly.com/news/366622655/Hertz-warns-UK-customers-of-Cleo-linked-data-breach