Hackers could have credit card numbers of 880,000 Orbitz users

Hackers could have credit card numbers of 880,000 Orbitz users
Hackers could have credit card numbers of 880,000 Orbitz users

Hackers may have gained access to as many as 880,000 credit cards by hacking into the Orbitz website. On Tuesday, March 20, the travel-booking company, owned by Expedia, shared that it had found evidence of a hacker gaining access to user data. The company says they don’t yet have evidence that the information was actually taken, but the hacker access means user data could have been stolen.

The hack could include data from users that used the platform between January 1 and June 22, 2016. Partner programs using Orbitz have a much wider date range for the hack, extending to Dec. 22, 2017. Orbitz said that, along with billing information, the hack also could have exposed other personal data including names, emails, phone numbers, billing addresses and gender. The company also said that the investigation suggests that travel itineraries, passport information, and social security numbers were not part of the hack.

The hacker gained access to an older version of the website, the company said. The current booking platform is not part of that breach, Orbitz said.

Orbitz discovered the hack earlier in March and since has launched an investigation to determine what data could have been affected. After discovering the vulnerability, the company said it hired a forensic investigative firm and also involved law enforcement.

In a statement, Orbitz said, “We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners.”

For those potential 880,000 users that could have compromised data, the company is offering a year of credit and identity monitoring at no charge. The company is notifying users that could have been affected by the breach but travelers that booked within those dates can also call 1-855-828-3959 in the U.S. or 1-512-201-2214 outside the U.S. for additional information.

The breach isn’t the first time hackers have targeted travel platforms. Sabre announced a hack last year on the hotel booking platform. In 2011, a TripAdvisor hackcompromised user emails, but the booking platform didn’t collect payment information from users.

Orbitz is owned by Expedia Inc. and offers online booking for flights, accommodations, rental cars as well as options like cruises and complete travel packages.


Please enter your comment!
Please enter your name here