Hertz disclosed a data breach impacting thousands of customers after cybercriminals exploited a zero-day vulnerability in software vendor Cleo’s file transfer platform in October and December 2024. Although Hertz’s internal systems weren’t compromised, sensitive data—including names, birthdates, contact details, driver’s license numbers, Social Security numbers, and financial records—was stolen. The Clop ransomware gang is believed to be responsible. The breach affected over 100,000 individuals in the U.S., with global impact likely much higher. Hertz has urged customers, especially those who rented vehicles from October–December 2024, to remain vigilant against identity theft and fraud.