The content is accurate at the time of publication and is subject to change.
Did you book a trip through Orbitz or one of its partners in 2016 or 2017 using your credit card? If so, you may want to keep an eye on your credit report because the travel website has announced a potential data breach. It is believed that about 880,000 credit cards may have been compromised.
The hack was discovered on March 1, 2018, and affects an older legacy site, not their current site. The information that may have been stolen includes the name of the cardholder and their credit card information, as well as phone numbers, birth date, gender, email address and billing address.
Some information was not affected by the breach, including passport information and travel itinerary data. Orbitz also points out that social security numbers for people living in the United States were not part of this breach.
They discovered the potential problem when they were investigating the older legacy website. It appears that cyber criminals may have invaded their system between October 1, 2017, and December 22, 2017, and stolen data from as far back as January, 2016.
This includes information about purchases made between January 1, 2016, and June 22, 2016, for customers using the Orbitz platform directly, and from January 1, 2016, through December 22, 2017, for people using partner websites.
Investigating and shutting the hack down
Once the potential breach was uncovered, Orbitz took steps to stop the threat and to prevent further hacking of their systems by increasing security and monitoring the platform involved in the event.
They also contacted the authorities to alert them of the breach and began working with law enforcement. A third party forensic investigation firm and additional cybersecurity experts were brought in as well.
Orbitz also started reaching out to business partners and customers whose credit card information may have been affected by the breach.
Credit monitoring and identity protection services can be an important part of protecting yourself when a breach occurs. Orbitz is offering these services free of charge for one year to people whose information was affected.
People who live in the United States and whose data was compromised can sign up for services via this webpage, or by calling 1-855-828-3959. People living outside the U.S. can call 1-512-201-2214 to get more information.
Orbitz suggests that customers with credit card data may have been hacked should keep an eye on their card statements and their credit history. If there is any unauthorized activity, they should contact their bank or the telephone number on their credit card.