back to article Avis alerts nearly 300K car renters that crooks stole their info

Avis Rent A Car System has alerted 299,006 customers across multiple US states that their personal information was stolen in an August security breach. The digital break-in occurred between August 3 and August 6, according to the car rental giant in filings with the Maine and California attorneys general. On August 14, Avis …

  1. Eponymous Bastard
    Facepalm

    Compensation?

    Avis will be paying compensation to all those affected of course.

  2. chivo243 Silver badge
    Meh

    Dodged a Bullet, this time!

    The last time I use Avis, was 7 years ago, I used a now defunct credit card, and my European DL. In July, I needed to rent a car, one way, from Colorado back east. None available at any company for one way rental except Avis, but they wanted a small fortune, and I passed. Bought a used car instead...

    Won't be using Avis again...

    1. cd

      Re: Dodged a Bullet, this time!

      In the US, cheapest one-ways I know of are moving trucks.

      Thete were "drive away" companies that would reposition cars for students and rental companies, but they seem to be mostly gone these days.

      1. chivo243 Silver badge
        Unhappy

        Re: Dodged a Bullet, this time!

        Not even U-haul had cross country rentals at that time...

      2. druck Silver badge

        Re: Dodged a Bullet, this time!

        By the time you've paid for the gas for the truck, it probably doesn't come out any cheaper.

  3. Anonymous Coward
    Anonymous Coward

    No matter how secure...

    It doesn't seem to matter how secure the IT infrastructure is, it only takes one (overly trusted) insider with privileges to steal that data.

    I'm sure that many of the cold call scams start with a call centre insider, copying out customer data.

  4. Androgynous Cow Herd

    Free credit monitoring!

    At this point - I believe that no one in the world should ever have to pay for credit monitoring again. The various credit reporting agencies should be forced to provide it to any user in their database, (after hopefully verifying the identity of the querant ) .

    The credit system, as it stands, has now been breeched sooooo many times that you could probably accomplish a more accurate credit check on the darkweb anyway.

  5. Bilby

    I am underconvinced that the best remedy for having had your personal information stolen from Avis, is to provide your personal information to Equifax.

    https://www.theregister.com/2017/09/07/143m_american_equifax_customers_exposed/

  6. Sparsely the Lion
    Joke

    Avis

    > Avis Rent A Car System has alerted 299,006 customers across multiple US states that their personal information was stolen in an August data breach.

    That's gotta Hertz.

  7. It depends.....

    Can anyone confirm if this affects AVIS customers in the US only, or globally?

    UK-based Reg reader here. I rented a car from AVIS in Dublin at the start of August this year, so it sounds like this breach happened after my rental completed. I must admit that I was not impressed with them anyway - having paid for the 4-day hire in advance, using a stash of Avios in order to bring the entire rental price down to under £50, they kindly charged my Mastercard for the full hire when I returned the car to Dublin Airport (you need to supply your Credit Card to guarantee insurance - or in other words, in case you scratch or damage the car, they use the card shown to bill you). After I contacted them to point out their error, they then took 28 days to refund me.... hmmm.... call me cynical, but this struck me as quite a nice "revenue-generator-on-the-side" if they can get away with doing this to several hundred customers a month and benefit from all of that lovely accrued interest...

    1. Anonymous Coward
      Anonymous Coward

      I’m uk based and got the notification, looks like a lot of PII and CC data was taken.

      I think I’ll be writing to the ICO tomorrow…

      1. Phil O'Sophical Silver badge
        Unhappy

        Me too. Now I need to check if the CC they have was my old business one, or my current personal one.

    2. TheCleaner

      U.K. here and got the email

      What personal data was involved?

      We determined on 14 August 2024, that your personal data was obtained by the unauthorised third party, which included your name and your postal address, email address, driver's license, credit card number and expiration date, date of birth, and phone number.

      Lovely

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like