Travel booking website Orbitz announced that it discovered a potential data breach that exposed information for thousands of customers.
According to an Engadget report, the incident, discovered by the company on March 1st, may have exposed information tied to about 880,000 credit cards.
The consumer data in question is from an older booking platform, where information may have been accessed between October and December 2017. Orbitz partner platform data, such as travel booked via Amex Travel, submitted between January 1, 2016 and December 22, 2017 may have also been compromised. The company says that names, payment card information, dates of birth, email addresses, physical billing addresses, gender, and phone numbers may have been accessed, but it doesn’t yet have “direct evidence” that any information was taken from the website.
"Ensuring the safety and security of the personal data of our customers and our partners' customers is very important to us," Orbitz said in a statement. "We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners."
The company said that it is notifying those that might have been impacted by the breach and is offering a year of complimentary credit monitoring and identity protection services. It's also offering to assist its affected partners in notifying their customers.