Orbitz has suffered a data breach that affects 880,000 users. Hackers broke into what the company is calling “legacy Orbitz travel booking information” and stole payment card details. Included in the stolen details were phone numbers, full names, emails, gender, birthdates, and more. The company says it discovered the data breach on March 1st while auditing the platform in question, and that the hackers gained access to the information between October 1st and December 22nd, 2017. The stolen data was from Jan 1st through June 22nd of 2016.
“The current Orbitz.com website was not in any way involved in this incident,” Orbitz wrote. After discovering the intrusion, the company brought in a third-party forensic firm and other cybersecurity experts, as well as law enforcement, to further investigate the incident. Orbitz said it “took swift action to eliminate and prevent unauthorized access to the platform.”
“Ensuring the safety and security of the personal data of our customers and our partners’ customers is very important to us,” Orbitz wrote. “We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners.”
We were able to get a comment from Armen Najarian, chief marketing officer at ThreatMetrix, who told us:
Based on the most recent online fraud trends, we expect the data exposed in the Orbitz breach to be used to build out comprehensive stolen identities. These are either packaged up to sell on the dark web, or used by the attackers to open accounts, make fraudulent payments, apply for loans, etc. They see opportunity beyond making a quick buck from stolen credit cards. They’re orchestrating more ambitious attacks that produce greater profits over the long term.
The most recent ThreatMetrix Cybercrime Report found there was an elevated number of bot attacks – ThreatMetrix recorded about 800 million bot attacks throughout Q4 2017 – as fraudsters tested stolen credentials in the wake of large-scale data breaches, before going after bigger pay-outs. Even the charity sector emerged as a prime target, where fraudsters used low-value ‘donations’ to test credentials. Attack rates around new account creations and logins were also notably higher. Overall, ThreatMetrix found 193 million rejected eCommerce transactions in Q4 2017, a 92% increase over Q3 2017 and a 173% increase over the previous year.
To prevent being hit with the downstream fraud attacks, which will result from this data breach, organizations need to assess whether transactions, logins or new account openings on their sites and apps are legitimate or not, based on global digital identity insights. By differentiating between activity from stolen identities versus real customer behavior, based on how that individual typically behaves and their individual online footprint, digital businesses will be able to protect their consumers and drive online revenue.