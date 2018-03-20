Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Orbitz Says Legacy Travel Site Likely Hacked, Affecting 880,000 Credit Cards (usnews.com) 5

Posted by BeauHD from the heads-up dept.
hyperclocker shares a report from U.S. News & World Report: Orbitz says a legacy travel booking platform may have been hacked, possibly exposing the personal information of people that made certain purchases between January 1, 2016 and December 22, 2017. Orbitz said Tuesday about 880,000 payment cards were impacted. Data that was likely exposed includes name, payment card information, date of birth, phone number, email address, physical and/or billing address and gender. The company said evidence suggests an attacker may have accessed information stored on the platform -- which was for both consumers and business partners -- between Oct. 1, 2017 and Dec. 22, 2017. "Orbitz said it worked with a forensic investigation firm, cybersecurity experts, and law enforcement once the breach was discovered in order to 'eliminate and prevent unauthorized access to the platform,'" reports The Verge. "The company also notes that its current site, Orbitz.com, wasn't affected. It is notifying customers who may have been impacted and is offering a year of free credit monitoring."

  • One year free credit monitoring (Score:3)

    by El Cubano ( 631386 ) on Tuesday March 20, 2018 @08:18PM (#56294505)
    One year credit monitoring is a joke. Seriously, in this day and age who still has not frozen there credit? Equifax now offers it for free after their breach and the other two (TransUnion and Experian) are just a few bucks. Depending on what state you live in you might even be able to freeze your credit for free depending on the law there.
  • Bought an airline ticket from Orbitz Sept 2016, got hacked around Dec 1, 2017. So I'd say it not just "may have accessed."
  • Too many people are collecting data they don't need in the name of convenience and travel is at the top of the list. Losing the credit card details are trivially corrected; report it lost, new card, new number. But even then they shouldn't be storing that stuff by default, but rather because the customer flies that often and has insisted they keep it or has enrolled in some kind of subscription model (like Netflix). The other details that can't be trivially changed, like your date of birth, shouldn't be a

