In March 2018, Orbitz, a division of online travel agency Expedia, discovered a security breach that could affect 880 000 payment card accounts.
Who is affected?
After an investigation held by the company, they arrived at the conclusion that personal information such as names, birth dates, phone numbers, emails and billing addresses of online customers might have been accessed by online hackers. In an attempt to address their customers’ concerns, the company released a press statement with details about the incident. In particular, Orbitz claim that they “do not have direct evidence that this personal information was actually taken from the platform.”
The security breach appears to have affected the partner platform between January 2016 and December 2017, while the consumer platform was affected between January 2016 and June 2016. Since the discovery in March of evidence of a possible breach, Orbitz "took swift action to eliminate and prevent unauthorized access to the platform.”
Who is Orbitz
Orbitz.com is a price comparison website that uses data from other web-based travel planning platforms to facilitate searches for flights, hotels and other travel related costs. The website is owned by Orbitz Worldwide, Inc., a subsidiary of Expedia Inc. Headquartered in the Citigroup Center in Chicago, Illinois, the company was created as the airline industry's response to the rise of online travel agencies such as Expedia and Travelocity, as well as a way to lower airline distribution costs. It was acquired by Expedia in February 2015 for an estimated $1,2 billion.
What can be done?
This security breach is one of many incidences of lapsed security that have happened on the internet during last few years. While data breaches in Yahoo! and Equifax might have been on a much larger scale than in Orbitz, this latest incident indicates that companies cannot guarantee the security of their customers.
Prior to the Orbitz attacks, data attacks were launched on global hotel chains InterContinental Hotels Group Plc and Hyatt Hotels Corp last year.
The company has made it clear that their website orbitz.com was not involved in the breach. They have offered a year of free credit monitoring to customers and business partners affected. On top of this, they are collaborating with cyber security experts and law enforcement agencies to dampen the impact of the security issue that occurred.
Orbitz also added on the matter: "Ensuring the safety and security of the personal data of our customers and our partners' customers is very important to us”. They have apologised, "We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners.”
We believe that information should be free and will therefore never put up a paywall.
If you like reading our reports about the Scandinavian business scene and would like to donate towards the upkeep of the site, we would be very grateful. Click here to donate.