U-Haul suffers data breach, personal info exposed

Moving and storage giant U-Haul International discovered a data breach after a customer contract search tool was hacked to access customers' names and driver's license information.

Following an incident investigation started on July 12 after discovering the breach, the company found on Aug. 1 that attackers accessed some customers' rental contracts between Nov. 5, 2021, and Apr. 5, 2022.

After an in-depth analysis, our investigation determined on September 7, 2022, the accessed information includes your name and driver's license or state identification number.

The attacker accessed the U-Haul rental contracts search portal after compromising two "unique passwords."

While it didn't explain how the credentials were compromised, the company changed them after the breach was detected to block additional malicious activity.

U-Haul commented on the cyber security incident:

U-Haul email and customer facing websites were not affected by this incident. We want to assure you that it is safe to conduct business with our company and there has been no impact to business operations.

The other day, a leading British PVC manufacturer Eurocell contacted current and former employees to inform them about a “substantial” data breach.