Final week, the transferring and rental firm U-Haul began sending out letters to prospects alerting them a couple of current information breach. Bleeping Computer studies that U-Haul found the breach earlier this summer time. The corporate discovered that attackers hacked a search instrument that contained the names and driver’s license data of consumers.
U-Haul information breach exposes buyer information
According to U-Haul, an investigation started on July 12 following the invention of the breach. On August 12, the U-Haul investigators discovered that hackers accessed “some rental contracts” between November 5, 2021, and April 5, 2022.
Right here is U-Haul’s full clarification for what occurred and what information was accessed:
We detected a compromise of two distinctive passwords that have been used to entry a buyer contract search instrument that permits entry to rental contracts for U-Haul prospects. The search instrument can not entry fee card data; no bank card data was accessed or acquired. Upon figuring out the compromised passwords, we promptly modified the passwords to stop any additional unauthorized entry to the search instrument and began an investigation. Cybersecurity consultants have been engaged to determine the contracts and information that have been concerned. The investigation decided an unauthorized individual accessed the shopper contract search instrument and a few buyer contracts. None of our monetary, fee processing or U-Haul e mail programs have been concerned; the entry was restricted to the shopper contract search instrument.
All issues thought of, the hackers didn’t do a lot injury. They didn’t steal any bank card numbers or accounts. Taking a web page from different corporations, U-Haul is providing any affected prospects one 12 months of Equifax identification theft safety providers at no cost.
“We sincerely apologize for that. Please know we’re working diligently to additional increase our safety measures to protect towards such incidents and implementing further safety safeguards and controls on the search instrument,” U-Haul added in its letter.
Lately, information breaches reminiscent of this have turn into more and more frequent. In 2021, each T-Mobile and LinkedIn suffered critical breaches that uncovered private information.
