Sixt acknowledging customer data leak
#1
FlyerTalk Evangelist
Original Poster
Join Date: Jun 2003
Location: YYC
Posts: 23,803
Sixt acknowledging customer data leak
I received an e-mail from sixt, with dwtails of the attack on their computers. Relevant part:
Forensic Examination:
With immediate effect, we also began a forensic investigation of our systems by internal and external IT security experts. We were able to determine that the existing IT security precautions and the rapid intervention of our internal and external IT specialists prevented further damage; our central customer databases or payment systems were not accessed. Unfortunately, however, our analyses have shown that some data was copied by the attackers, including individual customer data. Promptly after this discovery, Sixt informed the relevant supervisory and investigative authorities and reported an offence. The ongoing evaluation of the incident revealed, to our regret, that files containing your data were also affected.
In your case, this concerns certain customer master data such as first and last name, customer card number and general contact data (such as address and e-mail address). At present, it cannot be ruled out that further individual information, resulting from documents in connection with car rental bookings, may also be affected (in particular rental period, payment method as well as location or driving licence number).
Your password and your credit card number are not affected.
Forensic Examination:
With immediate effect, we also began a forensic investigation of our systems by internal and external IT security experts. We were able to determine that the existing IT security precautions and the rapid intervention of our internal and external IT specialists prevented further damage; our central customer databases or payment systems were not accessed. Unfortunately, however, our analyses have shown that some data was copied by the attackers, including individual customer data. Promptly after this discovery, Sixt informed the relevant supervisory and investigative authorities and reported an offence. The ongoing evaluation of the incident revealed, to our regret, that files containing your data were also affected.
In your case, this concerns certain customer master data such as first and last name, customer card number and general contact data (such as address and e-mail address). At present, it cannot be ruled out that further individual information, resulting from documents in connection with car rental bookings, may also be affected (in particular rental period, payment method as well as location or driving licence number).
Your password and your credit card number are not affected.