Orbitz admits data breach exposed 880,000 credit card details
Breach occurred in 2016 but took two years to travel into Orbitz's view
The company fessed up to what it suspects was a cyber attack made against the personal and payment information of its customers, with data such as dates of birth, email addresses, billing addresses and phone numbers thought to have been exposed.
The data breach appears to have involved hackers cracking into a legacy website run by Orbitz between January and June 2016, though the company only caught wind of it on 1 March.
A partner platform that also contained Orbitz customer data is also thought to have been breached between January 2016 and December 2017.
Orbitz is now notifying its customer about the breach and is offering a free year's worth of credit monitoring and identity protection to help its customers fight any attempts at fraud committed against them, fueled by the exposed data.
While data breaches are getting increasingly high-profile and come with stringent punishment from the Information Commissioner's Office if not reported correctly, they still seem a dime a dozen these days.