In March 2018, the travel search engine and subsidiary of Expedia, Inc. disclosed that 880,000 customers who made purchases in 2016 and 2017 may have been affected by a recently discovered data breach.
A hacker had used a legacy website to gain access to payment-card and other personal information between January 2016 and December of last year. Potentially exposed personal information includes birthdays, addresses, full names, phone numbers, email addresses and gender.
The company wasn't able to confirm exactly what was taken from the platform leaving their customers unclear what form of fraud they should be diligent about. However, in an effort to maintain the trust of its customers and partners, the company is offering a year of complimentary credit monitoring and identity protection services.
The company says the data breach was discovered 1st March while auditing the platform in question and says the hackers gained access to the information between 1st October and 22nd December 2017.
If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.