Orbitz, a leading name in the travel services industry, recently disclosed some details of a massive data breach involving their business.
The company functions as a travel fare aggregator and metasearch engine solution to help travelers make bookings and arrangements. But the influx of payment card information on their site makes it a potential goldmine for hackers. The breach could’ve compromised information from about 880,000 cards.
The travel website, which is owned by Expedia, said that one of their older sites and platforms of an unnamed business partner was affected. It is likely hackers were able to access peoples’ names, email addresses, street addresses, birthdays, and more.
The breach is believed to have occurred between October and December of last year, with records from the beginning of 2016 to late 2017 being affected. Orbitz said their main website was not affected, and that the breach didn’t involve any data like social security numbers or passports.
Customers were advised to review their accounts for any signs of fraudulent charges and report them to their banks. The company also said they were offering potential victims credit monitoring services free-of-charge for one year.
The company’s shares fell roughly 2 percent when the news was announced, and it is uncertain how this will affect their business moving forward.
Companies that get a lot of customer info on file, especially related to payment data, are always at higher risk of being hacked. Credit monitoring giant Equifax experienced a massive breach last year, the fallout of which led to managers stepping down and lawmakers demanding answers on how such a blunder could’ve occurred.
When the news originally broke, Equifax faced scrutiny for their failure to disclose it quicker. But the hits just kept coming – months after the original report that 143 million consumers’ data may have been put at risk, the company said new findings put the total at around 145.5 million. New discoveries continued to yield more data, with the company’s most recent report stating that about 147.9 million customers may have been affected.
Though Equifax’s damage control procedures and the tech credentials of their management both came under scrutiny following the breach, it is not unusual for data breaches to be discovered in pieces. Yahoo experienced a series of breaches from 2013 to 2016. While initial reports stated that only a third of the company’s customers were affected, later data revealed that virtually all its accounts were affected.
That led to an $80 million securities settlement and raised even more concerns about the safety of information put into cyberspace. Not only are the world’s leading tech companies not immune to such dangers, but they appear to be even bigger targets than the average consumer.
New workarounds and vulnerabilities are discovered by career hackers all the time. Even companies that have dedicated security teams working around the clock to intercept threats may find that determined data-thieves are hard to thwart. The biggest question now is how can affected companies stop it from happening again?