U-Haul Data Breach Compromises Personal Information of 67K Customers

Written by Mitchell Langley

February 26, 2024

U-Haul Data Breach Compromises Personal Information of 67K Customers

U-Haul has recently informed a 67K of customers about a data breach that occurred last year.  

The U-Haul Data Breach has hit the truck and trailer rental services, that has confirmed that approximately 67,000 customers from the United States and Canada were affected by the incident. The breach occurred between July 20 and October 2 of the previous year.

U-Haul has initiated the process of notifying affected customers via email regarding the unauthorized access of their data in the cyberattack.

“U-Haul learned on December 5, 2023, that legitimate credentials were used by an unauthorized party to access a system U-Haul Dealers and Team Members use to track customer reservations and view customer records,”

“We initiated our response protocol and a cybersecurity firm was engaged to conduct an investigation.”

U-Haul

“The investigation identified specific customer records that were accessed, including one of your records,” the company says in the notification to customers.

Sensitive Personal Information Compromised in U-Haul Data Breach

The customer records that were compromised in the breach contained sensitive information such as full names, dates of birth, and driver’s license numbers. U-Haul has emphasized that the breached system does not include their payment system, ensuring that hackers were unable to access payment card data.

To ensure customer security, U-Haul has taken several measures in response to the incident. They have reset passwords for all affected accounts as a precautionary measure. Additionally, the company has implemented enhanced security measures and controls to prevent similar incidents from happening again in the future.

Customers who have received the data breach notification will be provided with a one-year identity theft protection service. The notification letters will include detailed instructions on how to enroll for this service. It is important to note that the threat actor involved in the breach did not gain access to U-Haul’s payment network. Therefore, customer card details remain secure and unaffected by the incident.

“We take the privacy of information under our care seriously. To help prevent a similar incident in the future, we have and will continue to take steps to enhance security measures, including changing passwords for affected accounts and implementing additional security safeguards and controls,” the breach noticed continued.

“As a precaution, we are offering you a free one-year membership with Experian IdentityWorksSM Credit 3B. This product helps detect any misuse of your personal information and provides you with identity protection services that focus on immediate identification and resolution of any instance of identity theft.”

Regrettably, at the time of writing, the U-Haul website is experiencing technical difficulties and is unavailable. The specific cause of this issue is currently unknown.

Related Articles

Daixin Ransomware Claims Omni Hotels Cyberattack

Daixin Ransomware Claims Omni Hotels Cyberattack

The Daixin Team ransomware gang has taken responsibility for a recent cyberattack on Omni Hotels & Resorts and is currently issuing threats to publish sensitive customer information unless a ransom is paid. This development comes after the hotel chain experienced...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter

 

Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!