Expedia, Inc.’s EXPE subsidiary, Orbitz (orbitz.com) was recently hit by a security breach. Hackers reportedly had access to customer’s information from 880K payment cards used on its consumer platform as well as its partner’s platform where Orbitz is used as a booking engine.
Reportedly, cyber attackers could access card user’s names, phone numbers, emails, date of birth and billing addresses in the breach that might have taken place between Jan 1, 2016 and Jun 22, 2016 on consumer’s platform and between Jan 1, 2016 and Dec 22, 2017 on the partner’s platform.
However, the travel booking site confirmed that the social security numbers of U.S. customers have not been affected.
The breach has affected its partner American Express as well which reported that the incident could include the information of customers who booked during that specific time period.
Since March 20 (when the incident was reported) Expedia shares have declined 3%. In the past year, shares have lost 16.2%, as compared with 61.4% rally of the industry it belongs to.
Currently, Expedia carries a Zacks Rank #5 (Strong Sell).
Cyber Crime in Focus
The latest cyberattack proves that most of the organizations across the world lack proper cyber security measures. Both Travel and hotel industry are correlated and are grappling with challenges pertaining to cyber-crimes.
The latest breach in the travel industry follows a similar kind of hack that happened with InterContinental Hotels Group and Hyatt Hotels Corp last year.
Equifax, an information services provider, which helps customers in making better credit and marketing decisions, also faced a data breach last year. These incidents have clearly underscored the fact that a customer’s payment card information is highly prone to hacking.
Further, ransomware attacks are fast hitting the headlines post the WannaCry and Petya attacks that happened in May and June 2017, respectively.