Rental car company Sixt confirms cyber attack, leaves scores of UK customers in the dark

Leading rental car company Sixt has confirmed a cyber attack that has affected its operations and reportedly caused a number of branches to take bookings using pen and paper.

Sixt said the attack started on Friday 29 April and “was able to contain [it] at an early stage”, though customer reports still suggest that the company is battling to recover fully.

Since the attack took hold, UK customers have been unable to contact the company via email or phone and some have been left without roadside support after rented cars have broken down.

Sixt confirmed to IT Pro that it does not believe any customer data was accessed or stolen, and "the question of customer data was the first we addressed", it said. Sixt added that it would notify customers "immediately" if that understanding changes.

The company also confirmed that it reported the incident to all the relevant regulators and authorities, but could not reveal any further details at this stage. 

IT Pro asked for clarity on whether the attack was ransomware, or of another nature, and for more details on the global impact on the business but Sixt declined to comment.

At the time of writing, phone lines connecting to its Germany head office appeared to be disconnected or malfunctioning and UK phone lines were connected but rang out.

Related Resource

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

Free download

The company has not confirmed what kind of cyber attack it has suffered but has begun an investigation with both “internal and external experts”, it said in an announcement.

“As a standard precautionary measure, access to IT systems was immediately restricted and the pre-planned recovery processes were initiated,” Sixt said on Sunday. “Many central Sixt systems, in particular the website and apps, were kept up and running. 

“Thereby, impacts on the company, its operations and services have been minimised to provide business continuity for customers. However, temporary disruptions, in particular in customer care centres and selective branches, are likely to occur in the short term.”

According to customer reports, the company has been unresponsive for a number of days, including on social media, and local media reports in Germany indicated that branches resorted to using pen and paper to take bookings on Friday.

The only Sixt-affiliated Twitter account responding to user queries related to service outages is the Netherlands-based account with others having not Tweeted since before the cyber attack.

Sixt is one of the biggest rental car companies in the world, operating more than 240,000 vehicles across more than 400 cities in 50 countries worldwide.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download