Hertz says customers’ personal data and driver’s licenses stolen in data breach

Tech Crunch - Apr 14th, 2025

Car rental giant Hertz has informed its customers of a data breach involving sensitive personal information, including driver’s licenses and payment card details. The breach occurred due to a cyberattack on Hertz's vendor, Cleo Software, between October and December 2024. This incident impacted customers across several regions, including the United States, Australia, and the European Union. While the exact number of affected individuals remains undisclosed, Hertz did confirm that 3,400 customers in Maine were compromised. The data breach has been linked to the Clop ransomware gang, which exploited a zero-day vulnerability in Cleo's file transfer products, affecting numerous companies worldwide.

The breach highlights ongoing vulnerabilities in third-party software systems and the broader implications of cyberattacks on large enterprises. Cleo Software was previously implicated in a mass-hacking campaign in 2024, orchestrated by the Russia-linked Clop ransomware group. Hertz, initially announcing no evidence of its data being compromised, has now confirmed unauthorized data acquisition. The incident underscores the critical need for robust cybersecurity measures, especially for companies handling vast amounts of sensitive data. The breach serves as a cautionary tale of the ripple effects caused by cybersecurity weaknesses within third-party vendors, potentially affecting millions of consumers worldwide.

Cybersecurity Data Breach Ransomware Attack Hertz Cleo Software Clop Ransomware Customer Data Personal Information

Story submitted by Fairstory

RATING

7.6

Fair Story

Consider it well-founded

The article provides a comprehensive and timely account of a significant data breach affecting Hertz customers, with a focus on factual reporting and clarity. The story accurately details the breach's impact, the involvement of Cleo Software, and the response from Hertz, supported by credible sources. While the article is well-balanced and maintains a neutral tone, it could benefit from additional perspectives, such as those from affected customers or cybersecurity experts, to enhance its depth and balance.

The story's relevance to public interest and its potential to influence discussions about data security are notable strengths, though it could further engage readers by incorporating interactive elements or expert insights. Overall, the article effectively communicates the key aspects of the breach while maintaining readability and transparency, making it a reliable source of information for readers concerned about cybersecurity issues.

Accuracy

The story accurately reports the occurrence of a data breach involving Hertz, providing specific details about the nature of the breach, the types of data compromised, and the vendor involved. The article claims that Hertz confirmed the breach, which aligns with the available information from sources indicating that personal customer data, including names, dates of birth, and driver’s licenses, were compromised. The involvement of Cleo Software and the Clop ransomware gang is also consistent with the broader context of similar breaches during the same period. However, the story mentions that Hertz did not specify the total number of affected individuals, which is a crucial detail for assessing the breach's scale.

The report correctly identifies the regions affected by the breach, including Australia, Canada, the EU, New Zealand, the UK, and several U.S. states. It also notes the disclosure of the breach to authorities in places like California and Maine, which is confirmed by the sources. However, the lack of a precise figure for the total number of affected individuals leaves some room for speculation, although the spokesperson's comment that it would be "inaccurate to say millions" provides some context.

Overall, the story's claims are precise and supported by existing reports, although certain details, such as the exact number of affected customers and more technical aspects of the breach, require further verification to enhance the story's completeness.

Balance

The article presents a balanced view of the data breach incident, focusing on the factual details of what occurred and the responses from Hertz and its spokesperson. It provides insights into the breach's impact on customers and the involvement of Cleo Software, offering a comprehensive overview of the situation from multiple angles. However, the story could enhance balance by including perspectives from affected customers or cybersecurity experts to provide a broader understanding of the breach's implications.

The article does not exhibit overt bias toward any party involved in the breach. It objectively reports the statements from Hertz and the details surrounding the ransomware attack, without inserting opinion or speculation. While the piece covers the company's response, it could benefit from additional viewpoints, such as those from consumer protection agencies or industry analysts, to provide a more nuanced perspective on the breach's potential consequences.

Clarity

The article is well-structured and presents information in a clear and logical manner. It effectively outlines the key points of the data breach, including the timeline, affected regions, and the types of data compromised. The use of straightforward language ensures that the story is accessible to a general audience without technical expertise in cybersecurity.

The article maintains a neutral tone throughout, focusing on factual reporting rather than sensationalism. It provides a coherent narrative that guides readers through the sequence of events, from the initial breach to the company's response. However, the story could enhance clarity by offering more background information on Cleo Software and the Clop ransomware gang for readers unfamiliar with these entities.

Source quality

The article relies on credible sources, including statements from Hertz and references to the Clop ransomware gang's activities. The inclusion of a spokesperson's comments adds authority and authenticity to the report, ensuring that the information is grounded in direct communication with the company involved.

While the primary source is a spokesperson for Hertz, the story could be strengthened by incorporating information from independent cybersecurity experts or third-party analysts to validate the claims and provide an external perspective on the breach. The mention of Cleo Software as a vendor affected by the breach is consistent with other reported incidents, indicating a reliable use of background information. However, the lack of direct quotes or responses from Cleo Software limits the depth of source variety.

Transparency

The article is transparent in disclosing the key facts of the data breach, including the timeline, affected data types, and the vendor involved. It clearly states that the breach occurred due to vulnerabilities in Cleo Software's platform and provides a timeline of the events. This transparency helps readers understand the context and scope of the incident.

However, the story could improve transparency by offering more detailed explanations of the technical aspects of the breach, such as the specific vulnerabilities exploited by the Clop ransomware gang. Additionally, while the article mentions that the total number of affected individuals is not disclosed, it could provide more context on why this information is unavailable or what efforts are being made to determine the breach's full impact.