Travel Site Breach Impacts 1.4 Million

Payment Card Details Potentially Exposed
Travel Site Breach Impacts 1.4 Million

Travel-booking website Viator is notifying approximately 1.4 million customers about a data breach that could potentially affect payment card data, along with other personal information, used to make bookings through the company's websites and mobile offerings.

See Also: Why Active Directory (AD) Protection Matters

In August, Viator officially became part of the TripAdvisor family of companies after an acquisition originally announced in July.

On Sept. 2, Viator was informed by its payment card service provider that unauthorized charges occurred on a number of its customers' credit cards. The company hired forensic experts, notified law enforcement and launched an investigation into the incident, according to a notice posted to Viator's website.

Although the investigation is ongoing, Viator has determined that approximately 880,000 of its customers may have had their payment card information - including encrypted credit or debit card number, card expiration date, name, billing address and e-mail address - compromised. In addition, those customers may have had their account information, such as encrypted password and Viator "nickname," exposed.

"We have no reason to believe at this time that the three or four digit [security] code printed at the back or front of customers' cards were compromised," Viator says. "Additionally, debit PINS are not collected by Viator and could therefore not be compromised."

Approximately 560,000 customers may have had just their account information, and not payment card information, compromised, the company says.

Viator is offering affected individuals in the U.S., UK and Canada free identity protection services, including credit monitoring, for one year, a spokesperson said to Information Security Media Group.

Users are being asked to reset their passwords on the Viator website, and any other site where the same password is used.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.