Moved lately? U-Haul breach leaks 2.2M driver’s license numbers

September 15, 2022

By Kim Komando

Moving all your possessions into another home is one of the most stressful things you can do. Packing up, ensuring that nothing breaks during transit and unpacking on the other side should be your only worries.

Unfortunately, your stress could increase if you have used U-Haul recently. A data breach has left the company scrambling to contain the fallout, and hackers might have your details. Tap or click here for five apps to make managing stress and anxiety easier right now.

Read on for details on this breach and what you should do next.

Here’s the backstory

In a statement to customers, the moving U-Haul explained that cybercriminals used two compromised passwords to access its customer contract search tool. This is an internal system that U-Haul uses to store the details of customers, where they live and what vehicle they rent.

The company quickly pointed out that the hackers didn’t access bank card information and that it doesn’t involve financial, payment processing or U-Haul email systems. However, the criminals breached some rental contracts from Nov. 5, 2021, to April 5, 2022, containing names, birth dates, and driver’s license numbers.

In the statement, U-Haul explains that the breach was discovered in July this year and launched a full-scale investigation, which wrapped up in August. After the investigation, U-Haul was able to identify which customers were impacted.

What you can do about it

The number of impacted customers is estimated at just over 2 million. Yikes!

If you rented a U-Haul during the period in question, keep your eyes peeled for a letter from the company. U-Haul said if you don’t receive a letter from it, your data was not involved.

In addition, U-Haul is offering complimentary membership to credit monitoring and identity protection services from Equifax for those impacted.

It’s essential to be proactive in protecting your data and finances now. Due to the breach, you must review your banking statements and credit reports carefully. Keep an eye out for unauthorized activity and immediately notify your bank if you see anything suspicious.

Whenever there is a significant data breach like this, there are safety precautions you should take.

First, beware of phishing emails hitting your inbox. Scammers piggyback on breaches by sending emails to trick you into clicking malicious links that supposedly have important information. Those links will infect your device with malware, trick you into handing over sensitive data or both.

Next, check haveibeenpwned.com. Enter your email address into this online database to reveal which data breaches you might be involved in. Tap or click here to learn how to use this helpful tool.

Finally, always have a trusted antivirus program updated and running on all your devices. This will help protect against malicious links and websites. We recommend our sponsor, TotalAV. Get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Scam alert: 5 most costly data breaches (plus 5 states most targeted)

Bank data breach exposes 1.5 million Social Security numbers