Orbitz has disclosed that a recent data breach could have exposed extensive information of up to 880,000 of their customers.

Data Breach

It’s so often these days that hacks hit big-name companies that consumers are becoming numb to it. The latest to get hacked? Orbitz.

The travel booking company recently announced that they may have been hacked, possibly compromising the personal information of approximately 880,000 users. The breach could have included their date of birth, gender, and credit card info, exposing those using the platform between January and June of 2016, and October and December of 2017.

“We determined on March 1, 2018, that there was evidence suggesting that an attacker may have accessed personal information stored on this consumer and business partner platform,” said Orbitz in a statement. “We took immediate steps to investigate the incident and enhance security and monitoring of the affected platform. To date, we do not have direct evidence that this personal information was actually taken from the platform. We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners.”

Whereas Orbitz is big enough to handle the damage control for an incident like this, what about you and your business? Cybercriminals are often just as likely to target small organizations as they are large ones, particularly because of the lack of cybersecurity measures.

Are you prepared to defend your business? If you’re not sure, keep these tips in mind:

Stay informed about phishing and spoofing techniques. Regular security awareness training should be a top priority for your organization.

Stop and think before you click a link. Don’t click on links from random emails or text messages. Hover your mouse arrow over a link to see who sent it. Most phishing emails begin with “Dear Customer”, so watch out for these. Verify the website’s phone number before placing any calls. Remember, a secure website always starts with “https”.

Never divulge personal information requested by email. Phishing attempts try to send you to a webpage to enter your financial or personal information. If you suspect this, give the company a call. Never send sensitive information in an email to anyone.

Be skeptical of messages that contain an urgent call to action:

  • With an immediate need to address a problem that requires you to verify information.
  • That urgently asks for your help.
  • Asking you to donate to a charitable cause.
  • Indicating you are a “Winner” in a lottery or other contest, or that you’ve inherited money from a deceased relative.

Consider installing an anti-phishing toolbar and security tools. Some Internet browsers offer free, anti-phishing toolbars that can run quick checks on the sites you visit. If a malicious site shows up, the toolbar will alert you.

Never download files from suspicious emails or websites. Double check the website URL for legitimacy by typing the actual address into your Web browser. Check the site’s security certificate. Also, beware of pop-ups as they may be phishing attempts.

Block pop-ups via your browser settings. You can allow them on a case-by-case basis if you decide to.

Most importantly? Be sure you’re working with a trusted, reliable cybersecurity service provider. We have the industry experience and expertise needed to keep you and your business secure against today’s cyber threats.