Login credentials compromised in cyber attack on U-Haul Dealer and Team Member system
U-Haul, a prominent moving and storage company, has recently confirmed a significant data breach that exposed sensitive information of approximately 67,000 customers in the United States and Canada. The breach, which occurred on December 5, was a result of a successful cyber attack by an unnamed threat actor who managed to steal login credentials for U-Haul’s Dealer and Team Member system.
The company issued breach notification emails to the affected customers, disclosing that the compromised system, used for tracking reservations and managing customer records, was the target of the security breach. Fortunately, U-Haul emphasized that no payment data was compromised, as the breached customer record system is distinct from the payment system.
In the aftermath of the breach, U-Haul remains tight-lipped about specific details, leaving uncertainties about the nature of the attack. It is unclear whether this incident involved data theft exclusively or if ransomware was a factor. Additionally, details surrounding the method used by the attackers to obtain login credentials remain undisclosed.
In response to the breach, U-Haul has implemented security measures to prevent future incidents. Changes include the issuance of new passwords for all compromised accounts, aimed at bolstering the overall security posture of the affected systems.
To mitigate the impact on affected customers, U-Haul has taken proactive steps by offering them a complimentary one-year membership with Experian. This service will enable customers to monitor and safeguard their digital identities, providing an added layer of protection against potential identity theft or misuse of personal information.
As investigations into the breach continue, U-Haul reassures its customers of its commitment to strengthening security measures and maintaining the privacy and integrity of customer data.
Reference:
