Hackers are reportedly exploiting access to U-Haul employee accounts to obtain customer information for doxing, hacking, and potential violence, according to findings shared by 404 Media. The underground hacking community, known as “The Com,” has been leveraging phishing tools to clone U-Haul’s point-of-sale (POS) login pages, gaining access to sensitive customer data, including names, addresses, phone numbers, and billing details.
This information is often used to launch other attacks, such as social engineering to access online accounts, or to target individuals for harm. The Com, which primarily operates on platforms like Telegram and Discord, has previously been linked to SIM swapping, cryptocurrency theft, and corporate hacking.
The phishing tool, Suite, developed by a user called Pontifex, facilitates harvesting credentials for U-Haul accounts alongside other services like Gmail and Coinbase. The advertisements for these hacked logins are often posted in fraud-focused Telegram channels. “U-Haul has lots of information, it can be used for all sorts of stuff,” Pontifex stated, further explaining how the stolen data can also be used to access email accounts from major ISPs like Comcast.
This kind of breach isn't new: U-Haul has experienced several such attacks in recent years. In 2022, hackers accessed internal tools to fish out customer contracts, and in 2024, attackers reportedly used legitimate credentials to infiltrate dealer systems to view reservations and records.
Despite repeated requests for comment, U-Haul has remained silent on these issues, 404 Media states. Incidents such as these are reminders of how even seemingly unrelated businesses can be targeted by cybercriminals to harvest personal data.