pwshub.com

Avis alerts 300k car renters that crooks stole their info

1 week ago

Avis Rent A Car System has alerted 299,006 customers across multiple US states that their personal information was stolen in an August data breach.

The digital break-in occurred between August 3 and August 6, according to the car rental giant in filings with the Maine and California attorneys general.

On August 14, Avis determined that sensitive info had been "obtained by the unauthorized third party," although the sample breach notification letter redacted the specifics, so we can't say for sure what personal details were stolen.

Avis also cites "insider wrongdoing" under the breach disclosure section in the Maine filing, but doesn't provide additional details about what happened.

"Since the incident occurred, we have worked with cybersecurity experts to develop a plan to enhance security protections for the impacted business application," the letter sent to affected consumers says [PDF].

"In addition, we have taken steps to deploy and implement additional safeguards onto our systems, and are actively reviewing our security monitoring and controls to enhance and fortify the same," it continues. 

The car rental company did not immediately respond to The Register's questions about the breach and what specific customer info was accessed. We will update this story if and when we hear back from Avis.

  • Transport for London confirms cyberattack, assures us all is well
  • Planned Parenthood confirms cyber-attack as RansomHub threatens to leak data
  • AMD internal data reportedly offered for sale
  • 31.5M invoices, contracts, patient consent forms, and more exposed to the internet

According to San Francisco-based law firm Schubert Jonckheer & Kolbe, this information may include customers' names, addresses, dates of birth, driver's license numbers, and financial information (including account numbers and credit or debit card numbers).

In addition to indicating that the crooks did make off with people's credit card info, this also signals that a class-action lawsuit against Avis may soon be filed.

The rental company suggests that customers "remain vigilant against threats of identity theft or fraud," and is offering affected individuals a free, one-year membership to Equifax credit monitoring services. The deadline to apply for this is December 31. ®

Source: theregister.com

Related stories
5 days ago - New Jersey-based Avis Rent A Car is the latest victim of a cyberattack that apparently has revealed personal information of hundreds of thousands of people.
1 week ago - Avis is offering credit monitoring and identity theft restoration services to nearly 300,000 customers.
3 weeks ago - Here's today's Connections answer and hints for groups. These clues will help you solve New York Times' popular puzzle game, Connections, every day!
1 month ago - The answer depends on whether you can take advantage of this card's annual credits.
Other stories
37 minutes ago - Experts at the Netherlands Institute for Radio Astronomy (ASTRON) claim that second-generation, or "V2," Mini Starlink satellites emit interference that is a staggering 32 times stronger than that from previous models. Director Jessica...
38 minutes ago - The PKfail incident shocked the computer industry, exposing a deeply hidden flaw within the core of modern firmware infrastructure. The researchers who uncovered the issue have returned with new data, offering a more realistic assessment...
38 minutes ago - Nighttime anxiety can really mess up your ability to sleep at night. Here's what you can do about it right now.
38 minutes ago - With spectacular visuals and incredible combat, I cannot wait for Veilguard to launch on Oct. 31.
38 minutes ago - Finding the perfect pair of glasses is difficult, but here's how to do so while considering your face shape, skin tone, lifestyle and personality.