Rental car company Sixt confirms cyber attack, leaves scores of UK customers in the dark

Leading rental car company Sixt has confirmed a cyber attack that has affected its operations and reportedly caused a number of branches to take bookings using pen and paper.

Sixt said the attack started on Friday 29 April and “was able to contain [it] at an early stage”, though customer reports still suggest that the company is battling to recover fully.

Since the attack took hold, UK customers have been unable to contact the company via email or phone and some have been left without roadside support after rented cars have broken down.

Sixt confirmed to IT Pro that it does not believe any customer data was accessed or stolen, and "the question of customer data was the first we addressed", it said. Sixt added that it would notify customers "immediately" if that understanding changes.

The company also confirmed that it reported the incident to all the relevant regulators and authorities, but could not reveal any further details at this stage. 

IT Pro asked for clarity on whether the attack was ransomware, or of another nature, and for more details on the global impact on the business but Sixt declined to comment.

At the time of writing, phone lines connecting to its Germany head office appeared to be disconnected or malfunctioning and UK phone lines were connected but rang out.

Related Resource

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

Free download

The company has not confirmed what kind of cyber attack it has suffered but has begun an investigation with both “internal and external experts”, it said in an announcement.

“As a standard precautionary measure, access to IT systems was immediately restricted and the pre-planned recovery processes were initiated,” Sixt said on Sunday. “Many central Sixt systems, in particular the website and apps, were kept up and running. 

“Thereby, impacts on the company, its operations and services have been minimised to provide business continuity for customers. However, temporary disruptions, in particular in customer care centres and selective branches, are likely to occur in the short term.”

According to customer reports, the company has been unresponsive for a number of days, including on social media, and local media reports in Germany indicated that branches resorted to using pen and paper to take bookings on Friday.

The only Sixt-affiliated Twitter account responding to user queries related to service outages is the Netherlands-based account with others having not Tweeted since before the cyber attack.

Sixt is one of the biggest rental car companies in the world, operating more than 240,000 vehicles across more than 400 cities in 50 countries worldwide.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download