U-Haul, an American company that specialises in rental moving services, has started the notification process. They are informing 67,000 customers that a data breach has exposed their personal information.
U-Haul focuses in moving trucks rentals and offers storage options for clients who choose to do tasks on their own. The company provides various solutions, such as trailers, trucks, and other services, to simplify the process of moving household goods.
Since its establishment in 1945, the company has grown into a strong organisation with a workforce of 19,500 apeople. U-Haul typically generates more than $4.5 billion in yearly revenue, showing amazing financial competence.
According to a U-Haul representative, the data breach affected about 67,000 customers in the United States and Canada. U-Haul highlighted that the compromised customer record system is separate from the payment system, maintaining the security of card information.
As confirmed by the company’s representative, Jeff Lockridge, sensitive client information, such as names, birth dates, and driver’s license numbers, was exposed during the security breach.
In 2023, a threat actor identified as ‘D3m0n’ allegedly exposed over 13 GB of data, which included sensitive information such as employee names, contact information, and work titles. This breach follows previous incidents, highlighting the company’s continued issues in protecting client data.
According to recent notifications given to customers affected, the security incident happened on December 5th. The well-known moving company found unauthorised access to its U-Haul Dealer and Team Members system during a cooperative investigation with a cybersecurity company. The ability to view client information and keep track of reservations depends on this system.
The process of inquiry began immediately after U-Haul discovered the breach. Meanwhile, the organisation launched a comprehensive plan to improve the security of the compromised accounts.
The organisation reinforced security measures and promptly reset passwords following a recent data breach affecting 5,000 accounts. Additional security measures have been implemented to prevent such problems in the future.
The compromised individuals will receive a complimentary one-year identity theft protection program, along with detailed registration instructions in the emails.
Phishing Tackle offers a free 14-day trial to help train your users to avoid these types of attacks and test their knowledge with simulated attacks using various attack vectors. By focusing on training your users to spot these types of attacks, rather than relying solely on technology, you can ensure that your organization is better prepared to defend against cyber threats and minimize the impact of any successful attacks.