A data breach occurred when an unauthorized party obtained access to one of Avis Car Rental’s business platforms, exposing the company’s customers’ personal information. A breach occurred between August 3 and August 6, 2024, exposing names and other sensitive client data. Since then, the attack has been stopped, an investigation conducted by a cybersecurity specialist has been launched, and law enforcement has been notified, according to Avis.
On August 5, 2024, the corporation first became aware of the incident and began taking steps to secure its systems. After more research showed that customer data had been accessed, Avis notified the affected parties on September 4, 2024. In a letter to consumers, Avis clarifies that names and maybe more sensitive information were among the compromised personal details. The letter sample that Avis provided to the Californian authorities has the specific data types that were exposed in this event blacked out.
The message to consumers stated, “As soon as we learned about the incident, we took action to stop the unauthorized access, started an investigation with support from cybersecurity experts, and notified the appropriate authorities.” The letters were initially covered by BleepingComputer on Friday.
The letter went on, “Since the event, we have collaborated with cybersecurity specialists to devise a strategy to augment security safeguards for the affected business application. We have also taken action to build and install more security measures to our systems, and we are continuously evaluating our security monitoring and controls to strengthen and improve them.
With operations in more than 165 countries, Avis Rent-A-Car, a division of the Avis Budget Group, is a significant player in the international vehicle rental business. Avis is a major player in airports and cities across the globe, serving millions of clients who rely on its car rental services. This data breach is especially troubling because of the organization’s size and scope, as it serves both business and leisure travelers. The company has a large customer base.
To lessen the hack’s effects, Avis is providing impacted parties with a complimentary year of Equifax credit monitoring services. This covers identity theft insurance, monitoring credit reports, alerts for significant changes, and fraud alerts. Customers can sign up for the service until December 31, 2024. The business also suggests that people use the tools provided by the credit bureaus and keep an eye out for any unusual behavior on their accounts in order to safeguard their personal data.
Avis states that in order to stop future security breaches, it is actively trying to fortify its systems. To that end, it has started to improve security monitoring and add more security measures to guard against unwanted access. In addition, Avis keeps working with cybersecurity specialists to make sure its protections are strong.
