Cyber Incident Victim: Localiza Rent a Car

On January 11, 2022, during the early morning hours, Localiza Rent a Car S.A. and its subsidiaries experienced a partial interruption in the functioning of some operational systems. The disruption stemmed from a cybersecurity incident directly involving the company, though specific technical details regarding the attack vector or perpetrator were not disclosed. Localiza promptly activated its governance protocols upon detecting the incident, prioritizing system restoration and impact assessment. The partial outage affected unspecified business systems critical to operations, though core services remained partially functional during the event. Company technicians worked to isolate affected systems while restoring functionality across its infrastructure. No immediate operational or financial impact estimates were provided in the initial disclosure.

Localiza's incident response team focused on verifying data integrity during the restoration process. The company confirmed no evidence of unauthorized access to its databases or extraction of personal data as of the disclosure date, January 11, 2022. System functionality was progressively being reestablished at the time of the market notification, though no specific timeline for full recovery was announced. Rodrigo Tavares Gonçalves de Sousa, the CFO and Investor Relations Officer, formally communicated these developments to shareholders and the market in compliance with CVM Resolution 44/21 requirements. The disclosure emphasized transparency and governance standards while maintaining that operational continuity measures were effectively deployed during the incident.