Hertz data breach overview:
- Who: Hertz announced a data breach involving Cleo, a vendor file transfer platform used by the car rental company.
- Why: The breach exposed customers’ personal information, including Social Security numbers.
- Where: The data breach affected Hertz customers in the United States, Australia, Canada, Europe, New Zealand and the United Kingdom.
Hertz has announced that a data breach involving Cleo, a vendor that provides a file transfer platform for the car rental company, exposed its customers’ personal information, including Social Security numbers.
The car rental company posted the data breach notice on its website stating the incident occurred in October and December 2024, but it wasn’t confirmed until February 2025.
Hertz said a full data analysis of the data breach was completed on April 2, 2025 and that it notified customers in Australia, Canada, Europe, New Zealand, the United Kingdom and the United States.
The Hertz data breach notice says that the information included: “name, contact information, date of birth, credit card information, driver’s license information and information related to workers’ compensation claims.”
The car rental company said a “very small number” of individuals may have had their Social Security or other government identification numbers, passport information, Medicare or Medicaid ID (associated with workers’ compensation claims), or injury-related information associated with vehicle accident claims impacted by the Cleo data breach.
Hertz data breach affected less than ‘millions’ of customers, company says
Hertz spokesperson Emily Spencer told TechCrunch the number of customers impacted by the Cleo data breach was “less than millions.”
The Cleo data breach was the result of a mass-hacking campaign conducted by a Russia-linked ransomware gang, TechCrunch reported.
Hertz said Cleo has taken steps to investigate the event and address the identified vulnerabilities. The proper authorities were notified and, as far as Hertz currently knows, none of the data stolen has been misused.
Hertz encourages customers concerned that their data may have been compromised to monitor all financial statements and credit reports.
Last year, Avis was hit with a class action after a data breach exposed the personal information of more than 300,000 people.
Do you believe you were affected by the Hertz data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
Washington residents: Did you receive a ‘refer a friend’ text for Capital One, Venmo, Tesla, Coinbase, or another company?
September 23, 2025 | Legal News
20 thoughts onHertz data breach exposed sensitive customer information in 2024
please add me, i rented a car from Hertz for 3 months while driving for Lyft
I’m in Australia and travelled to the U.S late last year, hiring a car from Thrifty. I did get a letter from Hertz alerting me that I am likely part of this breach. It’s very unsettling, so how can I join this class action?
I rented from them during this time frame
I rented from them in Nov 2024
I was involved in this data breach along with my elder parents. I don’t see anywhere to add me to this suit, or if there is a suit. Nor do I see direction as to who or where I can get help.
Please add me myself and husband have rented a car from they before thank you.
I rented from Hertz in November 2024
I had a rental car for three months with Hertz, please add me.
Add me
Add me