Final week, the transferring and rental firm U-Haul began sending out letters to clients alerting them a few current knowledge breach. Bleeping Laptop studies that U-Haul found the breach earlier this summer season. The corporate discovered that attackers hacked a search instrument that contained the names and driver’s license data of shoppers.
U-Haul knowledge breach exposes buyer data
Based on U-Haul, an investigation started on July 12 following the invention of the breach. On August 12, the U-Haul investigators discovered that hackers accessed “some rental contracts” between November 5, 2021, and April 5, 2022.
Right here is U-Haul’s full clarification for what occurred and what knowledge was accessed:
We detected a compromise of two distinctive passwords that had been used to entry a buyer contract search instrument that enables entry to rental contracts for U-Haul clients. The search instrument can’t entry fee card data; no bank card data was accessed or acquired. Upon figuring out the compromised passwords, we promptly modified the passwords to forestall any additional unauthorized entry to the search instrument and began an investigation. Cybersecurity consultants had been engaged to establish the contracts and knowledge that had been concerned. The investigation decided an unauthorized particular person accessed the client contract search instrument and a few buyer contracts. None of our monetary, fee processing or U-Haul e-mail programs had been concerned; the entry was restricted to the client contract search instrument.
All issues thought-about, the hackers didn’t do a lot harm. They didn’t steal any bank card numbers or accounts. Taking a web page from different corporations, U-Haul is providing any affected clients one yr of Equifax id theft safety providers at no cost.
“We sincerely apologize for that. Please know we’re working diligently to additional increase our safety measures to protect in opposition to such incidents and implementing extra safety safeguards and controls on the search instrument,” U-Haul added in its letter.
In recent times, knowledge breaches reminiscent of this have turn into more and more frequent. In 2021, each T-Cellular and LinkedIn suffered severe breaches that uncovered private knowledge.
