Car rental giant Avis has warned hundreds of thousands of customers that their sensitive data was stolen in a major cyberattack that took place in August.
In a letter sent to customers, the New Jersey-based car rental company revealed that the breach involved a business application targeted by attackers, who were able to access the personal details of approximately 300,000 customers.
The attack began on 3rd August and was discovered by the company two days later, on 5th August.
After discovering the cyber attack, Avis immediately took steps to end the unauthorized access, notified authorities and began an internal investigation of its systems with help from cybersecurity experts.
“Since the incident occurred, we have worked with cybersecurity experts to develop a plan to enhance security protections for the impacted business application,” the company wrote in its letter to impacted customers.
“In addition, we have taken steps to deploy and implement additional safeguards onto our systems,” it added.
Hackers detected in 3 Days
According to Avis’ notice to Maine’s attorney general’s office, data stolen by hackers varied by customer. The exposed data included names, mailing addresses, email addresses, dates of birth, phone numbers, driver’s license information and credit card numbers.
An investigation revealed that the attackers had access to Avis's business systems for three days before Avis evicted the malicious actor from its systems and blocked its access.
Akhil Mittal, senior manager at the Synopsys Software Integrity Group, said this quick action to remove the perpetrators once the breach was identified likely prevented further damages and impact for customers.
Avis’ quick action to remove the attackers within three days and bring in external cybersecurity experts to improve their defences is a positive sign, Mittal said.
“In many cases, breaches go undetected for weeks or even months, so catching this early likely helped limit the damage.”
“Going forward, the focus should be on being open with customers about what happened and what data might be at risk. On the security side, this is a chance to strengthen defences and ramp up proactive threat hunting to prevent future incidents,” Mittal added.
Automobile industry in the hot seat
Avis Car Rental is part of Avis Budget Group, Inc., a car rental agency holding company based in Parsippany, New Jersey. It operates approximately 5,500 locations in more than 165 countries and is one of the largest car rental companies in the United States.
There have been several cyberattacks targeting the automobile industry in North America in recent months, including the June ransomware attack on CDK Global, which impacted thousands of car dealers across North America.
“Car dealerships hold lots of valuable data, especially considerable financial information, making them a prime target for cybercriminals to try to gain access to and exploit security gaps to steal sensitive data,” Andrew Lintell, General Manager EMEA at Claroty, told EM360Tech at the time.
“Proactivity through comprehensive risk assessments, stringent access controls, and continuous monitoring are key.”
“Organisations must maintain constant vigilance of all suppliers and be aware of potential vulnerabilities to prioritise the actions that must be taken to ensure operational resilience.”
As Avis continues to notify customers, affected individuals are being advised to monitor their financial accounts and credit reports closely for any signs of suspicious activity. The company is offering affected customers one year of credit monitoring services to help mitigate the potential risks associated with the data breach.
The full extent of the breach is not yet known as the investigation is still ongoing.