Trip Advisor’s Online travel booking and review website, Viator, was hit by a massive data breach exposing payment card details and account credentials of its customers. It has been reported that approximately 1.4M customers have been affected. The intruders hacked into the customers’ accounts and made unauthorized charges. Viator announced that forensic experts were hired to investigate the extent of the breach and customers have been notified about the security breach in a press release.

Debit-card PIN numbers were not included in the breach because Viator does not store them. The travel advisor said that they believe that the CVV number, the security numbers printed on the back of the customer’s credit card, were also not stolen in the breach. Viator recommends its users to change their password for the site, as well as all other websites that uses the same credentials.