A subsidiary of online travel agent (OTA) Expedia, Orbitz, has revealed that more than 880,000 personal accounts have been hacked from its website.
The hackers mined personal data from payment cards used on the site.
According to Reuters, the breach occured sometime between January 1 2016 and December 22 2107.
That’s right, over a two-year period.
Not a good look at all.
As per Reuters, hackers accessed email and billing addresses, phone numbers, and identities, however, the website itself was not damaged or impacted in any way.
Speaking on the incident, Orbitz said: “To date, we do not have direct evidence that this personal information was actually taken from the platform and there has been no evidence of access to other types of personal information, including passport and travel itinerary information.”
The company also added that social security numbers were not accessed.
On hearing about the hack, American Express was quick to put out a statement which said the card issuer’s platform had not been “compromised” during the event.
Last week, Travel Weekly reported on Wi-Fi hacking and the ability to mine personal data from public networks in hotels.
The report, led by the US Today Show, looked into hotel Wi-Fis to find out whether hackers are generating their own fake Wi-Fi’s to steal patron’s data.
The results were a little concerning.
The journalist covering the report sat down on a pool lounge chair at a hotel in Mexico and created a fake Wi-Fi hotspot to lure in internet-thirsty holidaymakers.
As users began logging in, the journalist and his security expert were able to see the users’ photos, bank information, and recent purchases.
The journo then found each user and warned them of how easily their information was accessible to the public.
The report also had advice to travellers about what to do to avoid hacking at hotels.
The tips were, to log off public Wi-Fi when making online purchases on your phone.
As well as this, they urged phone users to click ‘Forget this network’ when coming and going from different destinations, to avoid auto-logging on.
Users can also test Wi-Fi which claims to be set up by your hotel by entering a fake hotel room number to see if the connection works.
If it’s real, you won’t be able to get in.
If it’s fake, you will, as it won’t be able to detect a nonexistent room number.