Historically This Is Never A Good Move
The computer systems at Avis were hacked on August 3rd and were not secured again until August 6th. They let some customer know on September 5th that they may have been affected, but unfortunately it is hard to tell if they reached out to everyone that may have had their data stolen. The other mystery is what was taken, as according Bleeping Computer the emails Avis sent out, “the attacker stole some customers’ personal information, including their names and other undisclosed sensitive data.” Even after several follow ups Avis would not reveal what that undisclosed sensitive data might be.
It has never proven to be a good idea to hide what data was stolen from their customers, people become quite upset when they don’t know just what a hacker managed to steal. It could be enough to steal a customers identity, or it could contain some details which make it slightly easier to impersonate them, maybe it’s just partial credit card data. Regardless, not disclosing what was taken and only offering general advice on checking your account statements and credit history by yourself is not going to ingratiate Avis with their customers.
We can only hope that Avis realizes their mistake and lets customers know what happened before a class action lawsuit hits the courts.
