Orbitz says legacy travel site likely hacked, affecting 880K

  
Orbitz says legacy travel site likely hacked, affecting 880K
This Feb. 12, 2015 file photo shows signage for travel booking site Orbitz outside the building that houses its headquarters, in Chicago. Orbitz says a legacy travel booking platform may have been hacked, potentially exposing the personal information of people that made purchases between Jan. 1, 2016 and Dec. 22, 2017. The company said Tuesday, March 20, 2018, about 880,000 payment cards were impacted. (AP Photo/Kiichiro Sato, File)

Orbitz says one of its older websites may have been hacked, potentially exposing the personal information of people who made purchases online between Jan. 1, 2016 and Dec. 22, 2017.

The current Orbitz.com website was not involved in the incident. Orbitz is now owned by Expedia Inc. of Belleview, Washington.

Orbitz said Tuesday about 880,000 payment cards were impacted.

Data that was likely exposed includes name, address, payment card information, date of birth, phone number, email address and gender. Social Security information was not hacked, however. The company said evidence suggests that an attacker may have accessed information stored on the platform—which was for both consumers and business partners—between Oct. 1, 2017 and Dec. 22, 2017.

It said it discovered the data breach March 1.

Orbitz is offering those impacted a year of free credit monitoring and identity protection service in countries where available.

Explore further: Orbitz to Go Public, Again