The travel booking platform Orbitz announced Tuesday that its platform may have been hacked, potentially affecting 880,000 customers who made purchases between certain dates in 2016 and 2017.
A breach could include personal information such as full name, address, date of birth, gender, and credit card details, the company said. The period of exposure runs from Jan. 1, 2016, through June 22, 2016; and Oct. 1, 2017, to Dec. 22, 2017.
The hack was uncovered during an investigation of a legacy Orbitz platform, the company said Tuesday.
"We determined on March 1, 2018, that there was evidence suggesting that an attacker may have accessed personal information stored on this consumer and business partner platform. We took immediate steps to investigate the incident and enhance security and monitoring of the affected platform."
"To date, we do not have direct evidence that this personal information was actually taken from the platform," said Orbitz in a statement.
"We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners," said the company, noting that it is offering one free year of credit monitoring and identity protection service to consumers potentially impacted by the hack.