Data Breach at Viator Exposes Customer Payment Information
A significant data breach has compromised the online travel booking platform, Viator, which operates under the umbrella of TripAdvisor. This incident has reportedly put the payment card details and account credentials of approximately 1.4 million customers at risk. The breach was publicly acknowledged by Viator late last Friday, revealing that unauthorized transactions have occurred on some affected accounts.
Based in San Francisco, Viator was acquired by TripAdvisor in July for £122 million (approximately $200 million). The company confirmed the breach originated from unauthorized access to customer payment card information during transactions made via its website and mobile applications. The investigation underscores the vulnerabilities in digital transaction processes that can expose customer data to cybercriminals.
In response to the breach, Viator has enlisted forensic specialists to assess its systems and identify the full scope of the incident. Affected customers are being notified in line with the guidelines set out in a press release issued by the company.
“On September 2, we were alerted by our payment card service provider about unauthorized charges on several customers’ credit cards,” Viator stated. “We have acted swiftly by hiring forensic experts, contacting law enforcement, and diligently investigating how our systems may have been breached and subsequently fortified against future incidents.”
The investigation revealed that hackers infiltrated Viator’s internal databases, accessing sensitive payment card data such as encrypted card numbers, expiration dates, billing addresses, and email addresses. Approximately 880,000 individuals were affected by this exposure. In addition, over 560,000 customers may have had their Viator account information, including email addresses and encrypted passwords, compromised. The company does not store debit card PINs, and it believes CVV numbers were also not stolen.
To address the fallout from the breach, Viator is offering impacted U.S. customers complimentary services for identity protection and credit card monitoring. Moreover, the company is evaluating the possibility of extending similar services to customers outside the United States.
Viator has urged affected users to closely monitor their financial statements and report any fraudulent activity to their card providers, emphasizing that customers will not be held liable for unauthorized transactions when reported promptly. The company also recommends changing passwords for the Viator site and for any other platforms that use the same login credentials.
This incident serves as a stark reminder of the evolving landscape of cybersecurity threats. It highlights the critical nature of protecting payment information and maintaining robust defense strategies. Potential tactics used by adversaries in this breach may include initial access through phishing or exploitation of vulnerabilities, along with techniques that the MITRE ATT&CK framework categorizes under credential access and lateral movement within the network.
As the situation develops, ongoing vigilance remains imperative, not just for Viator, but for all entities engaged in digital transactions, underscoring the importance of comprehensive cybersecurity measures to safeguard sensitive consumer data.