Storage and moving firm U-Haul says that while a hacker stole drivers' license numbers from its database, it insists no credit card details were stolen.
U-Haul has disclosed some details of a data breach, and directly notified the customers affected. Unlike most previous hacks of various firms, it has not revealed the number of customers involved.
According to BleepingComputer, U-Haul's email to affected customers says that the company "detected a compromise of two unique passwords" that were used to breach the rental system's customer search tool.
"On August 1, 2022, our investigation determined some rental contracts were accessed between November 5, 2021, and April 5, 2022," says the email. "After an in-depth analysis, our investigation determined on September 7, 2022, the accessed information includes your name and driver's license or state identification number."
"The safety and trust of our customers, including the protection of personal information, is a top priority for U-Haul Company and we take that responsibility very seriously," it continues. "While the information accessed in this incident did not include payment card information, we fully understand this is an inconvenience to you."
"We sincerely apologize for that," says U-Haul's email. "Please know we are working diligently to further augment our security measures to guard against such incidents and implementing additional security safeguards and controls on the search tool."
The company is also "offering affected customers identity theft protection services through Equifax for one year."
U-Haul does not give any details of how many customers it has overall, but does claim to be the only such firm "that operates in all 50 US states and 10 Canadian provinces."
It's the third-largest self-storage operator in the US, and for removals it operates around 186,000 trucks, plus 128,000 trailers, and 46,000 towing devices.