A recent security breach at the tour-booking website Viator may have exposed data of 1.4 million customers, making it the latest victim in the string of high-profile retail breaches.
The breach also leaked payment information of about 880,000 customers, with a further 560,000 likely having their email Ids and encrypted Viator password compromised.
Viator has appointed forensic experts, notified law enforcement to study the incident and find the reasons of breach.
The company said in a statement: "We recommend that all affected customers monitor their card activity and report any fraudulent charges to their credit card company. Customers will not be responsible for fraudulent charges to their accounts if they are reported in a timely manner."
According to Malwarebytes Labs, hackers have not yet posed any file with personally identifiable information online.
Malwarebytes Labs malware intelligence analyst Chris Boyd said: "There doesn’t appear to have been a massive file posted online yet containing data such as PII [personally identifiable information] related to the compromise — while that doesn’t mean there isn’t one, it’s a slim branch of hope to hold onto as we await more information on this latest high-profile attack.
"The good news is that if you haven’t experienced a fraudulent transaction yet, you may be in the clear.
"Stolen payment data doesn’t tend to get stockpiled for too long because the people sitting on it know it’s only a matter of time before someone, somewhere notices and has the card cancelled."
The latest breach comes amid the debate on alleged leak of naked female celebrity photos being circulated on the internet.
