The car-rental company Hertz is warning its customers that a data breach exposed personal information including driver’s licenses, credit-card data, contact information and in some cases social security or passport numbers.
The company said that hackers breached Cleo Communications, a company that it works with for file transfers.
The company said in a “Notice of Data Incident” statement (PDF) on its website: “We completed this data analysis on April 2, 2025, and concluded that the personal information involved in this event may include the following: name, contact information, date of birth, credit card information, driver’s license information and information related to workers’ compensation claims. A very small number of individuals may have had their Social Security or other government identification numbers, passport information, Medicare or Medicaid ID (associated with workers’ compensation claims), or injury-related information associated with vehicle accident claims impacted by the event.”
WK Kellogg (yes, the cereal company) was apparently affected as well by the same window of data vulnerability that Hertz says took place between October and December 2024. Hertz says it became aware of the breach on Feb. 10.
For customers, Hertz is offering two years of identity-theft protection with Kroll and included a phone number to contact for information on the breach, 866-408-8964.
A message to Hertz about the breach was not immediately returned.
