67K Clients Impacted by Information Breach, Based on U-Haul

67K Customers Impacted by Data Breach, According to U-Haul

U-Haul — a truck, trailer, and self-storage rental firm based mostly in Arizona — has begun notifying 67,000 clients of an information breach late final yr that compromised their private data.

The breach occurred on Dec. 5 when an unauthorized actor in some way used professional credentials to entry a system utilized by U-Haul sellers and workforce members to trace buyer reservations and think about buyer information.

As soon as U-Haul found the incident, it initiated its response protocol and launched an investigation of the breach alongside a cybersecurity agency. The investigation confirmed that sure buyer information had been accessed within the breach, together with title and driver license data of 136 people residing in Maine.

In a notice letter to affected people, U-Haul famous that the shopper file system concerned within the breach will not be related to the fee system, subsequently no card information was accessed by the risk actors. Nevertheless, this type of breach will not be the primary of its sort for the rental firm.

“U-Haul is again once more, having had an analogous breach in 2022, with extra stolen credential points,” said Luciano Allegro, CMO at BforeAI, a predictive safety firm based mostly in France. “It seems like U-Haul ought to strongly take into account the implementation of obligatory multifactor authentication related to all of their accounts to make it tougher for attackers to steal credentials or conduct profitable credential-stuffing assaults.”

U-Haul is providing a complimentary one-year membership to Experian IdentityWorks to these affected however urges its clients to stay vigilant for fraud or id theft by reviewing their very own information. 


Total
0
Shares
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Previous Post
NIST Cybersecurity Framework 2.0: 4 Steps to Get Started

NIST Cybersecurity Framework 2.0: 4 Steps to Get Began

Next Post
Cloud Apps Make the Case for Pen-Testing-as-a-Service

Russia’s ‘Midnight Blizzard’ Concentrating on Service Accounts for Preliminary Cloud Entry

Related Posts