CASE STUDY #2: Possible Data Breach at Orbitz Affects 880,000 Payment Cards

Travel booking website Orbitz has announced that it discovered a potential data breach that exposed information for thousands of customers. The incident, discovered by the company on March 1, 2018, may have exposed information tied to about 880,000 credit cards.
The consumer data in question is from an older booking platform, where information may have been accessed between October and December 2017. Orbitz partner platform data, such as travel booked via Amex Travel, submitted between January 1st, 2016 and December 22nd, 2017, may have also been compromised. The Expedia-owned company says that 
names, payment card information, dates of birth, e-mail addresses, physical billing addresses, gender, and phone numbers may have been accessed, but it doesn’t yet have “direct evidence” that any information was taken from the website.
There have been many mass data breaches over the past year: OnePlus said up to 40,000 customers were affected by a breach in January 2018 that resulted in the company temporarily shutting down credit card payments for its online store, 
a Verizon partner data breach exposed millions of customer records, a Yahoo breach impacted all 3 billion user accounts, and 143 million people had personal information stolen from Equifax. Even Chipotle experienced a malware that stole customer credit card information from restaurants in every state the chain operates in.
Orbitz said it worked with a forensic investigation firm, cybersecurity experts, and law enforcement once the breach was discovered in order to “eliminate and prevent unauthorized access to the platform.” The company says its current site, Orbitz.com, wasn’t affected. It is notifying customers who may have been impacted and is offering a year of free credit monitoring.

Study Questions:
A. What is the write-up all about? What technology-related issue/s is/are apparent?

B. What possible impacts or problems may arise in conjunction with the data breach?

C. How can Orbitz and other similar businesses prevent such from happening again? What measures can you recommend?

D. Considering this scenario, would you consider technological developments as advantageous? Why or why not? Justify your responses

Transcribed Image Text:

Technological Building Blocks of E-Commerce The technological building blocks behind e-commerce are the following (Laudon & Traver, 2017): Internet – It is a worldwide network of computer networks built on common standards. It links businesses, educational institutions, government agencies, and individuals together, and provides users with services such as e-mail, document transfer, shopping, research, instant messaging, music, videos, and news. World Wide Web – It is an information system that runs on the Internet infrastructure. It was the original "killer app" that made the Internet commercially interesting and extraordinarily popular. It provides access to billions of Web pages indexed by Google and other search engines. Before the Web, the Internet was used mainly for text communications, file transfers, and remote computing. The Web introduced more powerful and commercially interesting capabilities with direct relevance to commerce. It added color, voice, and video to the Internet, creating a communications infrastructure and information storage system. Mobile platform – It provides the ability to access the Internet from a variety of mobile devices such as smartphones, tablets, and other ultra-lightweight laptop computers via wireless networks or cell phone service. An app (short for application) is a software application, which is typically used when referring to mobile applications, although it is sometimes used to refer to desktop computer applications as well. A mobile browser is a version of Web browser software accessed via a mobile device.

Transcribed Image Text:

E-Commerce Issues Ethics is at the center of social and political discussions about the Internet. Ethics is the study of principles that individuals and organizations can use to determine right and wrong courses of action. It is assumed in ethics that individuals are free moral agents who are in a position to make choices. Extending ethics from individuals to business firms and even entire societies can be difficult but not impossible. E-commerce and the Internet have raised so many ethical, social, and political issues that can be categorized into four (4) major dimensions: privacy and information rights, intellectual property rights, governance, and public safety and welfare. Privacy Issues – Privacy is possibly the most complex ethical issue raised by e-commerce, as well as the changing technology of human communications brought about by the Internet and mobile devices. The claim to privacy rests on the moral right of individuals to be left alone, free from surveillance or interference from other individuals or organizations, including the government. E-commerce sites routinely collect a variety of information from or about consumers' visits and purchases. Some of these data constitute personally identifiable information (PII), or any data that can be used to identify, locate, or contact an individual. Advertising networks and search engines also track the behavior of consumers across thousands of popular sites via cookies (small files that are stored on a user's computer to hold a modest amount of data specific to a particular client and website), web beacon (often- transparent graphic image, usually no larger than 1 pixel x 1 pixel, that is placed on a website or in an e- mail to monitor the behavior of the user visiting the Web site or sending the e-mail), spyware (any software that covertly gathers user information through the user's Internet connection without their knowledge, usually for advertising), and other techniques. These activities are just a few of the issues linked to privacy over the conduct of e-commerce. Intellectual Property Rights – Next to privacy, the most controversial issue related to e-commerce is the fate of intellectual property rights. Intellectual property encompasses all the tangible and intangible products of the human mind. Intellectual property protection in the Philippines is contained in Republic Act No. 8293, otherwise known as the Intellectual Property (IP) Code of the Philippines. The term "intellectual property rights" in the Code consists of copyright and related rights, trademarks and service 03 Handout 1 *Pr TH2106 marks, geographic indications, industrial designs, patents, layout designs of integrated circuits, and protection of undisclosed information. Generally, the creator of the intellectual property owns it and has the exclusive right to use it in any lawful way they see fit. The Internet, however, changes things. Once intellectual works become digital, it becomes difficult to control access, use, distribution, and copying. The Internet technically permits millions of people to make perfect digital copies of various works, from music to plays, poems, and journal articles, and then distribute them nearly cost-free to hundreds of millions of online users. It has demonstrated the potential to disrupt the traditional conceptions and implementations of intellectual property law. The major ethical issue relating to e-commerce in this regard is how individuals and business professionals should treat property that belongs to others. Governance – Governance, as it relates to e-commerce, has something to do with social control: who will control the Internet, what elements will be controlled, and how the controls will be implemented. Control issues revolve around the Internet that could not be controlled, given its decentralized design and its ability to cross borders that made monitoring and controlling message content impossible. This implies that the content and behavior of e-commerce sites cannot be "controlled" in the same way. Another issue is taxation. Governments collect sales taxes based on the type and value of goods sold. The money is used for general government purposes and building infrastructures. However, the development of the "remote sales," such as mail order/telephone order (MOTO) or online purchasing, broke the relationship between physical presence and commerce, complicating the plans of the government to tax all retail commerce. Public Safety and Welfare – Critical issues in e-commerce center around the protection of children, strong sentiments against pornography in any public media, efforts to control gambling, and the protection of public health through restricting the sales of drugs and cigarettes online.