Up to 880,000 Payment Cards Accessed in Orbitz Data Breach - What to Do Next
If you’ve booked trips through Orbitz, hackers may have accessed your credit card or other payment card information in a recent attack.
What should you do now? Here are some steps you can take: Wait to hear from Orbitz, monitor your credit card and bank accounts, and take measures to help protect against identity theft.
Here’s what happened.
Reports from March 20, 2018, state that up to 880,000 payment card numbers and related information could’ve been exposed in a data breach. The additional information could include:
- Customer’s full name
- Date of birth
- Phone number
- Email address
- Physical or billing address
Orbitz, which is owned by Expedia, apparently had two different data disclosures.
In the first disclosure, an attacker may have accessed customers’ personal information for some purchases made on orbitz.com between Jan. 1, 2016, and June 22, 2016, according to news reports.
In the second disclosure, customer data from other travel sites that used Orbitz to book travel between Jan. 1, 2016, and Dec. 22, 2017, may have been compromised, according to published reports. One of the affected sites was the American Express site Amextravel.com.
Orbitz says its current Orbitz.com website wasn’t involved in this incident.
What you should do now
Orbitz said it was notifying all affected customers and partners, so be on the lookout for such notification, indicating your data may have been exposed.
The Orbitz breach is a reminder that it’s good to regularly review credit card and bank statements, looking for unfamiliar transactions. If you see a transaction that isn’t yours, contact your financial institution immediately.
Keep in mind that it can be safer to use credit cards instead of debit cards when making purchases. That’s because debit cards give fraudsters direct access to the money in your checking account. With a credit card, your bank account isn’t affected until you make a card payment.
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.