• by Ray Schultz , March 20, 2018

Email addresses are among the many pieces of data believed stolen in a hack of an old Orbitz travel site. 

The breach affects 880,000 people who made purchases between January 1 2016 and December 22 2017, according to media reports. 

Among the exposed data elements are birth dates, phone numbers, billing addresses, payment card numbers and gender. However, Orbitz says there is no evidence this information was “taken from the platform.”

Orbitz, which is owned by Expedia, says it has “identified and remediated a data security incident affecting a legacy travel booking platform."

It reportedly discovered the breach on March 1, and believes the hack occurred between October 1 and December 22, 2017.

Orbitz is offering a year of free credit monitoring and identity protection to affected consumers.

"We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners," the company says.