Orbitz Hit By Probable Cyber-Attack: 880K Credit Cards At Risk

There’s been yet another major data protection breach, this time involving Obitz – a subsidiary of Expedia Inc – who say that the data of some 880,000 accounts may have been compromised in a cyber-hack.

Earlier this month, travel site Orbitz determined that an attacker may have accessed data stored on a computer system used by consumers, and accessed a separate tool used by businesses. It’s believed that data submitted in 2016 was exposed, but the discovery of the breach only happened in March this year, meaning data may have been exposed for a prolonged period of time

It’s believed that hackers may have been able to access the data for more than 880,000 accounts, making this is a monumental data protection breach. Data that is thought to have been potentially compromised in the breach includes personal information submitted by users in 2016, such as:

Full names
Phone numbers
Addresses
Email addresses
Credit card information
Birth dates

Combinations of the above are clearly enough for people to fall victim to fraud, especially where credit card information is said to have been exposed as well. We are still hearing about people falling victim to fraud involving the TalkTalk brand, and we understand that the cause of the breach may be, once again, down to outdated systems.

The breach is thought to have possibly occurred sometime between October 2017 and December 2017, meaning victims of the breach have been unknowingly exposed for a considerable period of time. Further, Orbitz did not announce the breach until the 20^th March, despite reportedly discovering the breach on March 1^st.

Orbitz has faced understandable criticism for being slow to publicise the breach.

It doesn’t help that the breach appears to have been discovered several months after the event. There may already be people who have fallen victim to fraud as a result of any information possibly gleaned from the Orbitz data protection breach.

At this stage, we just don’t know.

In the month that has seen the Tesco credit card issue, the separate Tesco / Travelex breach, the Trusted Quid breach and the Facebook data exposure, we’re left wondering whether our data can ever be safe in the hands of third-party organisations. With the new GDPR coming into force in May, organisations will be facing far greater penalties and fines for any failure to comply with important data protection legislation.

It really is a case of shape-up now, or face consequences that could cripple your business for good.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.

Create A Call Back

Information on how we handle your data is available in our Privacy Policy.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.