Truck and trailer rental company U-Haul said on Friday that some customers in the U.S. and Canada were affected by a data breach in December. An “unauthorized party” used “legitimate credentials” to access a system that U-Haul dealers use to track reservations and view customer records, the company said in a regulatory filing with the state of Maine. The original posting did not include the number of affected persons, but a U-Haul spokesperson told Recorded Future News that the incident involved the data of about 67,000 in the U.S. and Canada. The breached data included driver’s license numbers and other identification card numbers. The incident did not involve the company’s payment system, U-Haul said. The spokesperson did not respond to questions about the specific details of the incident. The regulatory filing said U-Haul discovered the breach on December 5, determined the extent of it the following day and began notifying affected customers on Thursday. An unnamed cybersecurity company is helping investigate the incident, and victims can access free credit-monitoring services, U-Haul said. “To help prevent a similar incident in the future, we have and will continue to take steps to enhance security measures, including changing passwords for affected accounts and implementing additional security safeguards and controls,” U-Haul said in its letter to affected Maine residents. U-Haul previously reported a five-month data breach in 2022. In addition to its famous orange trucks and trailers, the company also rents and sells moving supplies and self-storage spaces.
Get more insights with the
Recorded Future
Intelligence Cloud.
Joe Warminsky
is the news editor for Recorded Future News. He has more than 25 years experience as an editor and writer in the Washington, D.C., area. Most recently he helped lead CyberScoop for more than five years. Prior to that, he was a digital editor at WAMU 88.5, the NPR affiliate in Washington, and he spent more than a decade editing coverage of Congress for CQ Roll Call.