Travel services website Orbitz, owned by Expedia, on Tuesday accepted that hackers could have accessed personal information of about 8,80,000 payment cards used on their website.
The breach has accessed information such as name, phone numbers, email and billing addresses. The company said that the breach might have had happened between October and December 2017, compromising data of customers who had done transactions during January 2016 and December 2017.
The operator said the breach happened during an older version of their website, after which they have improved the security of the platform, and the current website has not been compromised.
The company was quoted by the Fortune saying, “To date, we do not have direct evidence that this personal information was actually taken from the platform and there has been no evidence of access to other types of personal information, including passport and travel itinerary information.”
The company also informed that the details like travel itineraries or passport of customers have not been affected. They advised customers who used their site during the mentioned period to check if there was any fraudulent transactions in their credit and debit card statements. And if any, they are advised to contact banks.
Expedia owns and operates about 200 travel operating companies across 75 countries, and Orbitz is one among them. After the breach was reported, Expedia’s shares fell as much as 2 percent to $108.99.