Unauthorized charges showed up on customers’ credit cards after booking through Viator.
Correction: The headline and image accompanying this story have been changed to indicate the breach affected a company acquired by TripAdvisor. The story has also been updated with a statement from a TripAdvisor spokesman.
Viator, a tours and activities website recently acquired by TripAdvisor, learned Sept. 2 it had been compromised when a payment service provider flagged unauthorized charges made to a number of customers’ credit cards.
It remains unclear how the company’s systems were penetrated, Travel Trends reports.
However, a company spokesman told Nextgov TripAdvisor's site was not impacted by the Viator incident. "Viator and TripAdvisor are operated on separate systems with different design and security attributes, and with no overlap."
The breach potentially exposed payment card data, as well as customer email addresses, passwords and usernames for Viator online accounts.
The cards affected had been used legitimately to book trips through Viator’s website and apps, according to a company breach notice.
Read the rest at ThreatWatch, Nextgov’s regularly updated index of cyber breaches.
And find out even more on “NG Cybersecurity,” our new iPhone app.
NEXT STORY: What if Police Body Cams Get Hacked?