Replace September 09, 08:32 EDT: Revised title and story to incorporate that the Avis data breach impacted over 299,000 clients.
American automobile rental big Avis notified clients that unknown attackers breached certainly one of its enterprise functions final month and stole a few of their private info.
In response to data breach notification letters despatched to impacted clients on Wednesday and filed with California’s Workplace of the Legal professional Common, the corporate took motion to cease the unauthorized entry, launched an investigation with the assistance of exterior cybersecurity consultants, and reported the incident to related authorities after studying of the breach on August 5.
This investigation revealed that the attacker had entry to its enterprise utility from August 3 till August 6, when the corporate evicted the malicious actor from its programs and blocked its entry. On August 14, it additionally discovered that the attacker stole some clients’ private info, together with their names and different undisclosed delicate knowledge.
As revealed in a separate submitting with Maine’s lawyer normal, the attackers stole the private info of 299,006 Avis clients within the breach.
Because the breach, Avis says it has labored with outdoors consultants to strengthen security measures for the affected utility and applied extra safeguards throughout its programs.
The corporate added that it is actively reviewing security monitoring and controls to bolster security defenses and warned clients of id theft and fraud dangers following the data breach.
“It’s at all times a good suggestion to stay vigilant in opposition to threats of id theft or fraud,” Avis advised these whose private info was stolen within the incident.
“You are able to do this by commonly reviewing and monitoring your account statements and credit score historical past for any indicators of unauthorized transactions or exercise. You’ll be able to contact the credit score reporting businesses if you happen to suspect any unauthorized exercise.”
The automobile rental firm additionally supplied these affected a free one-year membership to Equifax’s credit score monitoring service, which supplies help with id theft detection and backbone.
Avis is a subsidiary of Avis Finances Group, a number one world mobility options supplier that additionally owns Zipcar, the world’s main car-sharing community. Its Avis and Finances automobile rental manufacturers function over 10,000 rental places in 180 nations throughout North America, Europe, and Australasia. Avis Finances Group has reported greater than $3.0 billion in revenues for the second quarter of 2024.
The corporate has not responded to a number of requests for remark from BleepingComputer asking for extra details about the assault’s nature, the variety of affected clients, and the opposite private info stolen within the breach.
