Customers who had a reservation with Sixt Rent a Car during the past month were affected by a large-scale system outage as a result of an intrusion into their IT systems but it appears that the company is on the way to finally get most problems fixed.
Initially this hacking attack shut the entire Sixt infrastructure down and they had to fill in rental contracts by hand as well as being unable to invoice any rental until as recently as last week.
Sixt has now worked for weeks to fix the damages caused by this attack which must have cost them a fortune and things are slowly starting to come back online.
I first wrote about whats going on at Sixt in late April and just now – a whole FOUR weeks later – they’re starting to get things under control.
Since then I had four rentals with Sixt. Two in the U.S. and two in Germany. Rental contracts were all filled out by hand and I received my very first invoice today that was for a rental in the third week of April. I’m sure this has also caused plenty of billing issues especially with companies.
Sixt was so far unable to send out any return protocol certifying that the car was filled with gas and in proper condition without any damages. This required customers who want to play it safe to take plenty of pictures or video of the vehicle.
When I picked up a car at Frankfurt Airport on May 19th the contract once again was written by hand. Yesterday a friend of mine picked up a car there as well and he finally obtained a printed contract which is a sign that the computers are slowly coming back online.
When customers log into their (German) profile they can now also see and manage their reservations again. This however is still unavailable in the English version of the site.
Something else that’s pretty confusing was, that the booking manager showed cars as overdue for return that had been returned several days, if not weeks ago. Hopefully this won’t turn into another disaster like all the customers of Hertz who suddenly get arrested because Hertz reported them to the police as car thieves.
It was also pretty much impossible to reserve cards using a corporate rate until ~ May 16th which frustrated many customers as the public rates (even those for Platinum and Diamond members) were often 2-3x higher than those their company has negotiated.
This attack has therefore caused great inconvenience and damages to Sixt and their customers. I was very surprised that Sixt would just hand out cars without any major precautions. At least for those customers who have Sixt card. I can’t speak to what documentation and guarantees they took from customers who have no existing affiliation with the company.
They only authorized $1 in all cases from my credit card rather than the whole amount and we’re talking about vehicles that cost in excess of $80,000. I guess at some point early on Sixt had to decide how loose they can play this while still keeping the business running in a somewhat orderly fashion.
The Sixt IT issues appear to be on the way of being rectified but this took the company more than a month of painstaking, expensive work by computer experts which were most likely experts for such matters hired from outside rather than dealing with this internally. Having Cybersecurity experts in house who can deal with targeted attacks and such amount of damage is very rare.
Germany has a whole range of IT issues in large companies right now. Just this week there was a widespread outage of payment processors causing businesses such as gas stations and regular retailers being unable to accept card payments for several days. Considering the situation in the world today we’ll probably see more of this and in many cases it’ll probably be government sponsored.