Cyber Incident Victim: Ucar

On January 20, 2021, vehicle rental company Ucar publicly disclosed it had suffered a ransomware attack earlier that year. Hackers gained unauthorized access to the company’s servers through an unidentified gateway, triggering an operational disruption. Nicolas Martin, Ucar’s Secretary General, confirmed the incident but noted that a comprehensive analysis of the attack’s scope, depth, and associated consequences remained ongoing at the time of disclosure. The company engaged external cybersecurity professionals, including a risk management consulting firm specializing in IT and cyber incidents, alongside forensic experts, to investigate the breach. These teams worked to determine the nature and volume of data compromised during the intrusion. Despite the attack, Ucar managed to restore operations using existing data backups, minimizing downtime.

Ucar maintained business continuity throughout the incident, with no reported interruptions to customer-facing services. Its agencies continued client operations unimpeded, while web services and core business software remained fully operational. Martin emphasized this resilience, attributing it to the effective deployment of backup systems to recover critical functions. The company committed to providing further updates as investigations progressed, particularly regarding the extent of data exfiltration and potential impacts. No specific details about ransom demands, payment, or data types were disclosed in the initial announcement. Forensic work continued to assess the attack’s pathways and the full implications for data security and system integrity.