The major travel booking platform Orbitz recently announced a data breach of its and its partners’ systems. Specifically, between October and December 2017, cybercriminals accessed personal information that was submitted for certain purchases made between January 1, 2016 and June 22, 2016 (for Orbitz platform customers) and between January 1, 2016 and December 22, 2017 (for certain partners’ customers). The data breach is believed to have exposed customers’ personal information including names, payment card information, dates of birth, phone numbers, email addresses, physical and/or billing addresses, and genders. The breach is estimated to have affected about 880,000 payment cards, according to Orbitz.
Although Orbitz has not disclosed which business partners were affected by the breach, American Express warned users that travel booked through its representatives and through Amextravel.com had been affected by the cyberattack.
Honest consumers trust their sensitive, personal information to Orbitz, and expect that Orbitz will keep that information safe and confidential. Unfortunately, it appears that Orbitz failed in this duty to its customers, and allowed their private information to fall into the hands of criminals.
Any potential data breach should be taken very seriously. If your personal information has been exposed, you may be at risk of fraud or identity theft. Victims potentially face serious disruptions in their everyday lives, including harm to their credit scores, complicated legal issues, and the significant costs of credit monitoring and other suddenly necessary protections.
Disclosure of personal information is unlawful, and the attorneys at Finkelstein, Blankinship, Frei-Pearson & Garber, LLP have successfully brought many lawsuits on behalf of data breach victims. If you or someone you know may have been a victim of the Orbitz data breach, please contact us immediately to discuss your legal options.