March 21 (UPI) -- Approximately 880,000 credit card numbers used on Orbitz.com may have been exposed by a data breach, parent company Expedia said Tuesday.
The companies did not say definitively if the credit card numbers were "actually taken from the platform."
"To date, we do not have direct evidence," Orbitz said in a statement
Orbitz said the hacker may have been able to get access to credit card numbers used on Orbitz.com between Jan. 1 and June 22, 2016, as well as between and Oct. 1 and Dec. 22 of last year.
In addition to credit card numbers, customers' full names, dates of birth, phone numbers, email addresses and genders may have been part of the data breach.
"We determined on March 1, 2018, that there was evidence suggesting that an attacker may have accessed personal information stored on this consumer and business partner platform," Orbitz said. "We took immediate steps to investigate the incident and enhance security and monitoring of the affected platform."
Orbitz set up a website to help customers who were affected by the data breach.
The company is also offering affected customers one year of complimentary credit monitoring and identity protection service in select countries.