I just received an email notification from American Express (AXP) detailing the following:
“We are writing to let you know that American Express recently learned that our third-party vendor, Orbitz, was the victim of a cyber attack. “
Of course, this is the latest announced high profile cyber attack, which in my view serves as a reminder of the risks to be had as we migrate more of our lives into the digital world. Add in the renewed concerns over privacy following the latest happenings with Facebook (FB) and we here at Tematica see pain-point related demand continuing to rise for our Safety & Security investing theme. As a reminder, this theme stretches beyond national and homeland security to include cybersecurity as well as personal security. And for those wondering, Orbitz is own by Expedia (EXPE).
Another day, another breach. Today, online travel agency Orbitz disclosed that hackers managed to get both credit card data and personal information (though no Social Security numbers and passwords) from users who made their travel purchases on the site between January 1, 2016 and December 22, 2017.
In total, the company says, that’s about 880,000 payment cards that were accessed from what the company calls a “legacy Orbitz platform.”The hackers also likely accessed other data, like names, physical or mailing addresses, birth dates, email addresses, phone numbers and the customer’s gender while they were in the systems between October and December 2017.
While this breach isn’t at the level of the giant Equifax and Yahoo hacks, here is yet another company that couldn’t keep your data safe. Indeed, at this point, you can pretty much assume that all of your personal data and likely your passwords and credit cards, too, are up for sale in one of the darker parts of the internet.