U-Haul Reports 67K Customers Impacted by Data Breach

  /     /     /  
Publicated : 23/11/2024   Category : security


U-Haul Reports 67K Customers Impacted by Data Breach


In the notice letter sent out to affected individuals, U-Haul notes that credit card information was not accessed in the breach.



U-Haul — a truck, trailer, and self-storage rental company based in Arizona — has begun notifying 67,000 customers of a data breach late last year that compromised their personal information.
The breach occurred on Dec. 5 when an unauthorized actor somehow used legitimate credentials to access a system used by
U-Haul
dealers and team members to track customer reservations and view customer records.
Once U-Haul discovered the incident, it initiated its response protocol and launched an investigation of the breach alongside a cybersecurity firm. The investigation showed that certain customer records were accessed in the breach, including name and driver license information of 136 individuals residing in Maine.
In
a notice letter
to affected individuals, U-Haul noted that the customer record system involved in the breach is not connected to the payment system, therefore no card data was accessed by the threat actors. However, this kind of breach is not the first of its kind for the rental company.
U-Haul is back again, having had a similar breach in 2022, with more stolen credential issues, stated Luciano Allegro, CMO at BforeAI, a predictive security company based in France. It looks like U-Haul should strongly consider the implementation of mandatory multifactor authentication associated with all of their accounts to make it harder for attackers to steal credentials or conduct successful credential-stuffing attacks.
U-Haul is offering a complimentary one-year membership to Experian IdentityWorks to those affected but urges its customers to remain vigilant for fraud or identity theft by reviewing their own records. 

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
U-Haul Reports 67K Customers Impacted by Data Breach