Customers who booked with Sixt Rent a Car over the past month have been affected by a large-scale system outage following an intrusion into their IT systems, but it looks like the company is finally close to fixing most of the issues.
Initially, this hacking attack shut down the entire Sixt infrastructure and they had to fill in rental contracts by hand and couldn’t charge for rental until last week.
Sixt has now been working for weeks to repair the damage caused by this attack which must have cost them a fortune and things are slowly starting to get back on track.
I first wrote about what is happening at sixth end of April and just now – FOUR weeks later – they are starting to get the situation under control.
Sixt Rent A Car is suffering from a worldwide system outage causing chaos at rental locations – Check your contract/invoice!
Since then, I have had four rentals with Sixt. Two in the United States and two in Germany. The rental contracts were all completed by hand and I received my very first invoice today for a rental from the third week of April. I’m sure it caused a lot of billing issues as well, especially with businesses.
Sixt has so far been unable to send a return protocol certifying that the car was filled with gas and in good condition without any damage. This required customers who wanted to play it safe to take many photos or videos of the vehicle.
When I picked up a car at Frankfurt Airport on May 19, the contract was again handwritten. A friend of mine also took a car there yesterday and he finally got a printed contract, a sign that computers are slowly coming back online.
When customers log in to their (German) profile, they can now see and manage their reservations again. However, this is still not available in the English version of the site.
Another rather confusing thing, the reservations manager showed that the cars were late for the return and had been returned days or even weeks ago. Hopefully this doesn’t turn into another disaster like all the Hertz customers who suddenly get arrested because Hertz reported them to the police as car thieves.
It was also virtually impossible to book cards using a corporate rate until ~May 16, which frustrated many customers as public rates (even for Platinum and Diamond members) were often 2-3x more higher than those negotiated by their company.
This attack therefore caused great inconvenience and damage to Sixt and its customers. I was very surprised that Sixt just distributed cars without any major precautions. At least for customers who have a Sixt card. I cannot speak to the documentation and warranties they have taken from customers who have no existing affiliation with the company.
They only authorized $1 in all cases on my credit card rather than the full amount and we are talking about vehicles that cost over $80,000. I guess at some point Sixt had to decide how freely they could play while keeping the business somewhat orderly.
Conclusion
Sixt’s IT issues appear to be on the verge of being resolved, but it took the company more than a month of painstaking and costly work by IT experts who were most likely experts on these issues recruited from the company. outside rather than dealing with it internally. Having in-house cybersecurity experts able to deal with targeted attacks and such an amount of damage is very rare.
Germany currently has a whole range of IT problems in large companies. Just this week, there was a widespread outage of payment processors, preventing businesses such as gas stations and regular retailers from accepting card payments for several days. Given the situation in the world today, we are likely to see more of this, and in many cases it will likely be government sponsored.