In the latest of a neverending string of data breaches, the car rental company Avis has revealed that the data of nearly 300,000 users was stolen by hackers.
As explained in a letter to affected customers, Avis discovered that an unauthorized third party had gained access to one of its business applications on August 5, 2024. Avis then immediately took steps to cut off the unauthorized access to the application, opened an investigation into the hack with cybersecurity experts, and alerted authorities.
According to a data breach notification from the Office of the Maine AG, 299,006 Avis users had their information stolen during the breach.
“Since the incident occurred, we have worked with cybersecurity experts to develop a plan to enhance security protections for the impacted business application,” Avis says. “In addition, we have taken steps to deploy and implement additional safeguards onto our systems, and are actively reviewing our security monitoring and controls to enhance and fortify the same.”
A law firm representing Avis shared more details about the incident: “Once Avis completed its review, it determined that personal information affected by the incident varies by customer but could have included: name, mailing address, email address, phone number, date of birth, credit card number and expiration date, and driver’s license number.”
If you have ever rented a car with Avis, you should monitor your credit cards even more closely in the coming weeks. Be on the lookout for any suspicious activity, as there’s a possibility these hackers got their hands on your credit card number.
Avis is offering one year of complimentary credit monitoring service from Equifax that provides affected users with identity detection and resolution of identity theft.