Car rental giant Sixt hit by cyberattack, customers told to expect delays

Germany-based rental car giant Sixt has confirmed it’s been hit by a cyberattack that has caused widespread disruption to its global operations.

According to a statement from Sixt, which has more than 2,000 locations across over 110 countries, the company first detected “IT irregularities” on April 29, before subsequently confirming the cyberattack and containing it at an “early stage.” Sixt has not said what kind of cyberattack it experienced but said it launched an investigation with both internal and external experts.

“Access to IT systems was immediately restricted and the pre-planned recovery processes were initiated,” Sixt said. “Many central Sixt systems, in particular the website and apps were kept up and running. Thereby, impacts on the company, its operations and services have been minimized to provide business continuity for customers.

While Sixt claims the impact on its global operations has been limited, the company noted on Monday that temporary disruptions affecting certain areas of the business, including customer care, are “likely to occur in the short term.”

These problems appear to be ongoing. TechCrunch attempted to call Sixt’s reservation lines in the U.S. and the U.K but both appeared to be disconnected at the time of writing, and reports across social media suggest customers have been left without support after rented cars have broken down. According to German media, several Sixt branches in Germany have also been forced to process the majority of bookings manually using pen and paper.

TechCrunch asked Sixt whether it could confirm whether the incident was the result of ransomware, but the company declined to answer our questions. The company also declined to say whether customer or employee data was accessed during the intrusion, if it has the means to detect if there was malicious access, and if it had notified the relevant authorities.