Avis Car Rental, a division of Avis Budget Group, has disclosed a data breach that compromised sensitive customer information. The breach occurred after unauthorized access was gained to one of the company’s business applications. Avis first became aware of the breach on August 5, 2024, and promptly took steps to mitigate the impact. The company has since been working with external cybersecurity experts to investigate the incident and has reported it to the appropriate authorities.
The investigation revealed that the unauthorized access occurred between August 3 and August 6, 2024. During this time, attackers managed to obtain a range of personal information from affected customers, including names, addresses, driver’s license numbers, financial account details, and dates of birth. Avis has notified affected individuals through letters sent out last week, advising them to monitor their financial statements and credit reports for any signs of identity theft or fraud.
To assist those impacted, Avis is offering a free one-year membership to Equifax’s credit monitoring service. The company is also taking steps to bolster its cybersecurity measures and prevent future breaches. This includes collaborating with cybersecurity experts to strengthen security protocols and implementing additional safeguards across its systems.
The breach comes at a time of heightened concern about data security in the car rental industry. Avis joins a growing list of companies in this sector that have faced similar incidents. Notably, Zipcar, a car-sharing network owned by Avis Budget Group, experienced a data breach in 2022, and iRent, a Taiwanese car rental company, suffered a significant breach earlier in 2023. These incidents underscore the increasing vulnerability of the rental car industry to cyberattacks and the need for robust security measures to protect customer data.
Reference:
