Orbitz, a subsidiary of online travel giant Expedia has revealed a data breach wherein hackers may have accessed the details of some 880,000 payment cards.
The data breach could also extend to hackers accessing the personal information of its customers, Reuters reports. Orbitz launched an investigation following the breach and determined the attacker may have accessed the personal information submitted during certain purchases for two entire years between January 1, 2016 and December 22, 2017.
Orbitz said that information including names, phone numbers, email and billing addresses may have been accessed by the hacker.
In a statement, the Expedia subsidiary added:
To date, we do not have direct evidence that this personal information was actually taken from the platform and there has been no evidence of access to other types of personal information, including passport and travel itinerary information.
For US customers, the company confirmed that social security numbers weren’t involved in the incident. Credit card giant American Express added that the attack did not compromise its platforms or customers as Expedia’s shares fell as much as 1.9%, down to $108.99.
Orbitz said it began investigating the breach after it was discovered this month.
Image credit: Flickr.