U-Haul International, a provider of moving and storage rental services, has revealed it suffered a data breach after its customer contract lookup tool was misused by hackers to copy customer names and driver’s license information. did.
The company said it launched an incident investigation on July 12 after discovering signs of compromise. U-Haul then discovered on August 1 that between November 5, 2021 and April 5, 2022, cyber attackers accessed multiple customer rental agreements. .
U-Haul informed its customers in a notice of violation that a September 7, 2007 investigation found that the information accessed contained names and driver’s license or state identification numbers. rice field.
BleepingComputer reported that hackers were able to access the U-Haul rental contact lookup portal after compromising two “unique passwords.” U-Haul did not explain how the password was compromised, but said it was changed after the breach. The company also said the attackers did not access Credit Card information because search tools do not provide such data.
The moving company has announced that it will provide the identity theft protection service provided by Equifax free of charge to affected customers for one year.
According to BleepingComputer, U-Haul has a network of over 23,000 locations in the United States and Canada. With approximately 186,000 trucks, 128,000 trailers and 46,000 towing equipment, U-Haul is also her third largest self-storage operator in North America.
U-Haul Reveals Massive Data Breach
Source link U-Haul Reveals Massive Data Breach