Hertz has confirmed a data breach affecting an unknown number of its customers after hackers stole personally identifiable information (PII) over a period of three months. The breach occurred through one of its vendors, government contractor Conduent. Customers impacted are located in the United States, European Union, United Kingdom, Australia, and Canada. The attack exploited a zero-day vulnerability in Cleo software, leading to the exposure of customer information. Hertz has acknowledged the incident and is addressing the security lapse. Separately, entertainment services company Legends International also disclosed a data breach.