HQ/EMEAFind out how we can help your business
Avis, a leading name in the car rental industry, has revealed that a recent cyberattack compromised the personal information of some of its customers.
Avis is a significant player in the global car rental market, with over 10,000 rental locations spanning North America, Europe, and Australasia. Along with its sister brand, Budget, and its car-sharing network, Zipcar, the Avis Budget Group generated over $3 billion in revenue during the second quarter of 2024.
The breach, which targeted one of the company’s business applications, occurred over three days, from August 3 to August 6, 2024. During this time, unknown attackers gained unauthorised access to sensitive customer data, including names and other undisclosed details. Avis, a subsidiary of Avis Budget Group, disclosed these details in notification letters sent to affected individuals and reported the incident to California’s Office of the Attorney General.
Avis first detected the breach on August 5 and immediately launched an investigation with the help of external cybersecurity experts. By August 6, the company successfully removed the attacker from its systems and blocked further unauthorised access. However, it wasn’t until August 14 that Avis discovered that customer data had been stolen.
In response, the company has taken steps to reinforce its security measures, not only for the breached application but across its entire network. Avis has engaged cybersecurity professionals to strengthen system defences and is conducting a comprehensive review of its security monitoring and protocols.
The car rental company warned affected customers of potential identity theft and fraud risks following the breach.
Avis advised individuals to monitor their accounts and credit reports for suspicious activity, emphasising the importance of vigilance in preventing identity theft. As part of its response, Avis is offering impacted customers a complimentary one-year membership of Equifax’s credit monitoring service. This service provides tools for identity theft detection and support with fraud resolution.
While Avis has taken these measures, some details remain unclear. The company has yet to reveal the total number of customers affected or the specific types of data that were compromised beyond names. Despite multiple requests for further information, Avis has not publicly commented on the nature of the attack or other specifics.
As investigations continue, Avis aims to regain customer trust by strengthening its security protocols and improving overall data protection.
