U-Haul has begun notifying potentially impacted customers after they identified a breach in their network. According to the company, an unknown attacker managed to compromise two unique passwords that were used to access the customer contract tool that allows access to rental contracts for U-Haul customers. U-Haul does not store payment data, so credit cards were not impacted in the breach. The attacker managed to steal data from contracts from November 2021 until April 2022. Data included renters’ names, driver’s license numbers, and state identification numbers.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in