Hertz car rental customers' driver's licenses ended up on the dark web.

In December 2024, the Cleo Communications company was the victim of a cyber attack by the Clop ransomware cybergang. The breach occurred due to a zero-day vulnerability present in the file transfer platforms used to send sensitive files with its employees. As a result, several names have been implicated within the affair, about sixty companies.

Recently, the Hertz Corporation car rental company issued an alert explaining that it was a victim of the attack, as it was connected to Cleo Communications. The breach compromised sensitive data of Hertz's customers, the information involved includes names, contact information, dates of birth, driver's license information, and payment card data - for European customers there is also the possibility that some passport numbers were obtained.

The company reported what happened to law enforcement and then advised its customers to beware of potential scams.