Customers who used Orbitz, a subsidiary of, to book travel or accommodations between January of 2016 and December of 2017 may have had their personal information accessed by hackers.

While the companies are launching a full investigation of the suspected breach, they have already determined that the unauthorized access was limited to payment card information. That means no Social Security numbers, passport numbers, or other highly sensitive information was gathered by the criminals.

These days, it might almost feel like a relief that the unauthorized access was limited to replaceable information like a credit card, but that false sense of relief can be attributed to a very real phenomenon known as data breach fatigue. Even if the harm only involves payment cards, this is still cause for concern.

Customers must first ascertain whether they used the travel site during the dates specified by the company. From there, it’s a good idea to review your account statements for any cards you may have used on the site, just to be sure you don’t see any unauthorized activity. It’s a good idea to change your Orbitz account password just to be on the safe side, and to make sure you haven’t used that same password on any other sites. Remember, passwords must be “unique” to every account you use for this very reason; if hackers gained access to your account information on one site and you’ve reused it on another account, they potentially have access to that account as well.

Events like this one serve as a wake-up call about account security. Make sure your passwords are strong, unique, and changed from time to time, and be sure to set up “card not present” alerts on your payment cards. That way, you’ll receive a text or email if the card is ever used online or over the phone, letting you take immediate action if the charge was fraudulent. Finally, now is as good a time as any to request a free copy of your credit report from Look it over carefully for any suspicious activity, and take action if you spot something out of the ordinary or that shouldn’t be there.

 Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.