A Travel booking website Orbitz has announced that they have discovered a data breach which could have exposed credit card information of more than 880,000 customers between Jan. 1, 2016 and Dec. 22, 2017.
The company discovered the potential breach on March 1st, while the current website of the company was not affected by the incidence. The Orbitz is now owned by Expedia Inc. of Belleview, Washington.
Hackers may have accessed consumer data submitted to a legacy website between January 1, 2016, and June 22, 2016. Additionally, Orbitz partner platform data submitted between January 1, 2016, and December 22, 2017, may also have been breached.
The company says that there is no evidence that customers social security number, passport and travel itinerary information have been accessed, while customers name, payment card information, dates of birth, email addresses, physical billing addresses, gender, and phone numbers may have been accessed, but they don't have any evidence that the breached data was taken from the website.
"Ensuring the safety and security of the personal data of our customers and our partners' customers is very important to us," Orbitz said in a press release. "We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners."
"We took immediate steps to investigate the incident and enhance security and monitoring of the affected platform," Orbitz said. "
Now, the company is offering a year of free credit monitoring and identity protection service to all those customers who were affected by this incidence.
The company discovered the potential breach on March 1st, while the current website of the company was not affected by the incidence. The Orbitz is now owned by Expedia Inc. of Belleview, Washington.
Hackers may have accessed consumer data submitted to a legacy website between January 1, 2016, and June 22, 2016. Additionally, Orbitz partner platform data submitted between January 1, 2016, and December 22, 2017, may also have been breached.
The company says that there is no evidence that customers social security number, passport and travel itinerary information have been accessed, while customers name, payment card information, dates of birth, email addresses, physical billing addresses, gender, and phone numbers may have been accessed, but they don't have any evidence that the breached data was taken from the website.
"Ensuring the safety and security of the personal data of our customers and our partners' customers is very important to us," Orbitz said in a press release. "We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners."
"We took immediate steps to investigate the incident and enhance security and monitoring of the affected platform," Orbitz said. "
Now, the company is offering a year of free credit monitoring and identity protection service to all those customers who were affected by this incidence.