Sixt

Sixt SE is a global car rental company headquartered in Germany, operating as a provider of vehicle rental services to both business and leisure customers. Its core business encompasses the short-term and long-term leasing of automobiles, with a presence that spans multiple international markets, though specific regional breakdowns or fleet sizes are not detailed in the provided information. The company maintains customer-facing digital platforms including websites and mobile applications, which are central to its service delivery model. Its operational footprint is significant enough to be described as global, with a network that includes company-owned branches and likely franchise or partner locations, serving a diverse clientele requiring temporary vehicle access. The organization's primary market positioning is within the competitive mobility sector, where it distinguishes itself through a brand recognized in numerous countries. Its service structure supports standard rental transactions, including reservations, pick-up, and return processes, with an acknowledged reliance on integrated IT systems to manage these operations efficiently across its distributed network.

The company's operational resilience and incident response capabilities were publicly tested during a cyberattack on April 29, 2022. This event necessitated immediate containment actions, including the restriction of access to non-critical IT systems, while essential customer-facing platforms like websites and apps were maintained to preserve core business functions. The attack caused temporary disruptions, particularly impacting customer service centers and certain physical branches, some of which reverted to manual booking procedures. Sixt's response involved activating pre-planned recovery protocols, which helped minimize overall business impact, and it launched a formal investigation with both internal teams and external cybersecurity experts. Customers were notified of potential short-term service delays during the restoration period. This incident underscores the organization's established procedures for managing significant cybersecurity events and its prioritization of maintaining critical customer interfaces during a crisis, reflecting a developed, if not fully detailed, competency in operational continuity planning within the face of digital threats.