Avis car rental breach affected almost 300,000 customers

In Data Breach News, News
September 10, 2024
Avis car rental breach affected almost 300,000 customers

If you rented a car from Avis, you may be receiving a notification letter about an August data breach they experienced. Bleeping Computer explains:

American car rental giant Avis notified customers that unknown attackers breached one of its business applications last month and stole some of their personal information.

According to data breach notification letters sent to impacted customers on Wednesday and filed with California’s Office of the Attorney General, the company took action to stop the unauthorized access, launched an investigation with the help of external cybersecurity experts, and reported the incident to relevant authorities after learning of the breach on August 5.

Read more at Bleeping Computer. TechCrunch adds information from an Avis filing with the Iowa Attorney General’s Office:

Once Avis completed its review, it determined that personal information affected by the incident varies by customer but could have included: name, mailing address, email address, phone number, date of birth, credit card number and expiration date, and driver’s license number.

Avis has established a dedicated call center to answer questions related to this incident. Individual notifications sent via U.S postal mail began on September 5, 2024. Avis is offering these individuals one year of complimentary credit monitoring service, including with identity detection and resolution of identity theft. A sample individual notice is attached.

Updated at 7:30 am EDT to correct statement that Avis had not disclosed types of information and to provide their statement to Iowa.