U-Haul reveals data breach affecting 67K customers

1 min read


  • U-Haul, a rental company, has notified 67,000 customers of a data breach that occurred in December.
  • No credit card information was accessed in the breach.

U-Haul recently announced that 67,000 customers were impacted by a data breach that took place in December. The breach involved unauthorized access to a system used by U-Haul dealers and team members to track customer reservations. Personal information such as names and driver’s license information of certain individuals was accessed, but credit card information was not compromised in the breach. This incident marked the second breach for U-Haul, indicating a potential issue with stolen credentials. The company is offering affected customers a complimentary one-year membership to Experian IdentityWorks to safeguard against potential fraud or identity theft.

The breach was discovered on December 5 when an unauthorized actor used legitimate credentials to access the system. U-Haul initiated an investigation with a cybersecurity firm and discovered that certain customer records had been compromised. Despite not accessing credit card information, U-Haul is taking precautionary measures to ensure the security of its customers’ data moving forward, including considering the implementation of mandatory multifactor authentication across all accounts.

Security experts recommend remaining vigilant for any signs of fraud or identity theft in the aftermath of a data breach. Subscribers of U-Haul’s services are encouraged to review their records regularly and take necessary steps to protect themselves. As the company works to address the breach and strengthen its security measures, customers are advised to stay informed and proactive in safeguarding their personal information.

Previous Story

UnitedHealth Group cyber attack causing major pharmacies to halt operations

Next Story

New NIST CSF 20 – Hot off the press

Latest from News

US sanctions Kaspersky Lab for Russia ties

TLDR: The Biden administration announced sanctions against 12 executives and senior leaders of Kaspersky Lab, a Russia-based cybersecurity company. The Commerce Department banned Kaspersky