This Data Breach Affected 880,000 People

    0
    1798

    Another big data breach happened the same week like the scandal Involving Facebook and Cambridge Analytica. In the case of Facebook, Cambridge Analytica has been accused of inappropriately accessing user personal data which Facebook had given to a third party apparently for research purposes. With the storm over the Facebook saga still blowing, another privacy breach which has bigger implications has been announced. Travel site Orbitz has announced that it suspects that hackers may have accessed personal private data belonging to over 880,000 users.

    The hacking, which may have included email addresses, phone numbers and billing addresses involved personal details which Orbitz users had submitted in 2016. The breach was not discovered until March 1, and was announced on March 20. The hacking may have taken place between October 2017 and December 2017.

    According to Guy Podjarny, the chief executive officer of Snyk, a security company,many big tech companies have legacy systems which are built with very minimal security. This, he says, may have been the reason why it took so long to discover the breach. He said even the people who wrote the systems may have left the company hence making it very vulnerable to intruders.

    While commenting on the breach, Orbitz said the breach did not affect members’ passport information and Social Security numbers. The company also said its current website was not involved in the hacking which mainly targeted the services offered by Orbitz and used by third party platforms. The company said that it is fully committed to ensuring the safety and security of its clients. Orbitz added that it is contacting the affected clients and will offer them with a one year of complimentary identity protection services and credit monitoring.

    Hackers managed to access a lot of information because Orbitz stores much of its credentials in one database. This is according to HYPR chief executive officer George Avetisov. HYPR is a security company. He noted that having a single database for all the information creates a single entry point and makes it easy for hackers to break in. he noted that large companies are currently adopting decentralized authentication methods in order to curb large scale hackings, ensure user privacy and prevent fraud.

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here