300K Victims' Data Compromised in Avis Car Rental Breach
Though the company reports that data was exfiltrated in the breach, it has been remained tightlipped regarding the kind of data that was exposed.
Avis Car Rental is notifying nearly 300,000 individuals of a data breach it fell victim to in early August.
According to the letter it is sending out to those who have been affected, a threat actor gained unauthorized access to its business applications. The company took steps to end the access and launched an investigation alongside third-party experts, as well as alerted the authorities and notified the Maine Attorney General's Office.
The investigation has led the company to believe that the access was gained between Aug. 3 and Aug. 6, and that some personal identifiable information (PII) was exfiltrated, though the scope of the breach remains unclear.
"While details of the recent Avis intrusion are scant and we're not privy to how disruptive this attack was to Avis corporate employees and the nearly 300,000 customers apparently impacted, I am encouraged by the company's quick response and its implementation of additional safeguards to its systems and customer data," Sean Deuby, principal technologist at Semperis, wrote in an emailed statement to Dark Reading.
Avis is providing complimentary one-year memberships to those who were affected, but they must enroll by Dec. 31. Still, the company recommends that its customers remain vigilant against fraud and identity theft and review their financial statements often, as it works to bolster its cybersecurity protections.
About the Author
You May Also Like
How to Evaluate Hybrid-Cloud Network Policies and Enhance Security
September 18, 2024DORA and PCI DSS 4.0: Scale Your Mainframe Security Strategy Among Evolving Regulations
September 26, 2024Harnessing the Power of Automation to Boost Enterprise Cybersecurity
October 3, 202410 Emerging Vulnerabilities Every Enterprise Should Know
October 30, 2024
State of AI in Cybersecurity: Beyond the Hype
October 30, 2024[Virtual Event] The Essential Guide to Cloud Management
October 17, 2024Black Hat Europe - December 9-12 - Learn More
December 10, 2024SecTor - Canada's IT Security Conference Oct 22-24 - Learn More
October 22, 2024