U-Haul reports data leak that reveals driver’s license information

U-Haul International (U-Haul), a truck, trailer and self-storage rental company with more than 23,000 locations in the United States and Canada, has reported a data leak after a customer contract search tool was hacked, allowing hackers to access customer names and driver’s license information.

The attacker gained access to the U-Haul rental contracts search portal after compromising two “unique passwords.” Although the company did not specify how the login credentials were compromised, they were changed after the breach was discovered to prevent further suspicious attacks.

U-Haul also stated that no credit card information was accessed or obtained as a result of the attack, as the affected search tool does not allow users to enter payment card information. The company offered affected users free identity theft protection through Equifax for a year to help them in detecting when or if their personal information is being misused.

After an investigation that began on July 12 after the intrusion was discovered, the company found on August 1 that attackers gained access to some customers’ rental contracts between November 5, 2021, and April 5, 2022.

The source of this piece includes an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web