Orbitz travel site suffers e-mail address theft

Online travel company Orbitz has claimed someone has breached its site and stolen its customers' e-mail addresses.

Orbitz said a small number of customers told the company they received spam or junk e-mail from an unknown party that apparently used unauthorised or illegal means to obtain e-mail addresses used with Orbitz.

Orbitz has notified law enforcement agencies about the apparent security breach and has assembled an experienced security team to investigate the reports.

"Protecting customer information is of the utmost importance to Orbitz, which employs best practices in privacy and security and is certified by Truste and VeriSign," a statement said.

According to its privacy policy, Orbitz does not disclose customers' personal information to third parties unless its customers authorise the company to do so.

Linda Rosencrance writes for Computerworld