Orbitz Hacked, Customers’ Credit Card Information Exposed

orbitz hacked

Travel booking site and Expedia subsidiary Orbitz revealed today that they have suffered a data breach which may have exposed as many as 880, 000 customers’ personal information. According to an official statement by Orbitz, the hack occurred on a “legacy travel booking platform”—an older site in other words—and did not affect the newer site.

The breach occurred between October and December 2017. Orbitz spokespeople stated that it appears the hacker was able to access customer names, birth dates, email addresses, and credit card information. The customer information at risk spans from January 2016 to December 2017. The hack was discovered earlier this month. Orbitz stated that the security hole has been closed and has begun informing customers if they’ve been affected. They are offering free credit monitoring for a year to all victims.

Orbitz stated that the evidence suggests customers’ data was not downloaded. “Ensuring the safety and security of the personal data of our customers and our partners’ customers is very important to us. We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners,” they stated.  

The identity of the hackers has not yet been determined. The incident highlights the need for better threat detection and response, as well as the importance of closing security holes even in older enterprise platforms.  

 

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner

Leave a Reply

Your email address will not be published. Required fields are marked *