IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Rental car company Sixt confirms cyber attack, leaves scores of UK customers in the dark

The rental car giant announced a cyber attack on Sunday and has been largely uncontactable for days, but insists disruption is temporary and minimal

Leading rental car company Sixt has confirmed a cyber attack that has affected its operations and reportedly caused a number of branches to take bookings using pen and paper.

Sixt said the attack started on Friday 29 April and “was able to contain [it] at an early stage”, though customer reports still suggest that the company is battling to recover fully.

Since the attack took hold, UK customers have been unable to contact the company via email or phone and some have been left without roadside support after rented cars have broken down.

Sixt confirmed to IT Pro that it does not believe any customer data was accessed or stolen, and "the question of customer data was the first we addressed", it said. Sixt added that it would notify customers "immediately" if that understanding changes.

The company also confirmed that it reported the incident to all the relevant regulators and authorities, but could not reveal any further details at this stage. 

IT Pro asked for clarity on whether the attack was ransomware, or of another nature, and for more details on the global impact on the business but Sixt declined to comment.

At the time of writing, phone lines connecting to its Germany head office appeared to be disconnected or malfunctioning and UK phone lines were connected but rang out.

Related Resource

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

Pair of feet in socks with a chair and plant in the backgroundFree download

The company has not confirmed what kind of cyber attack it has suffered but has begun an investigation with both “internal and external experts”, it said in an announcement.

“As a standard precautionary measure, access to IT systems was immediately restricted and the pre-planned recovery processes were initiated,” Sixt said on Sunday. “Many central Sixt systems, in particular the website and apps, were kept up and running. 

“Thereby, impacts on the company, its operations and services have been minimised to provide business continuity for customers. However, temporary disruptions, in particular in customer care centres and selective branches, are likely to occur in the short term.”

According to customer reports, the company has been unresponsive for a number of days, including on social media, and local media reports in Germany indicated that branches resorted to using pen and paper to take bookings on Friday.

The only Sixt-affiliated Twitter account responding to user queries related to service outages is the Netherlands-based account with others having not Tweeted since before the cyber attack.

Sixt is one of the biggest rental car companies in the world, operating more than 240,000 vehicles across more than 400 cities in 50 countries worldwide.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
How full-stack observability can accelerate IT innovation
Sponsored

How full-stack observability can accelerate IT innovation

3 May 2022