Orbitz, the online travel agent, said on Thursday that it informed law enforcement officials about a security breach that compromised some customers' e-mail addresses.
In the same week that Orbitz divulged the security breach, the McDonald's restaurant corporation announced that it would use the online travel agent to handle its corporate travel.
Reuters reported on Thursday that Orbitz, one of the country's three largest online travel services (along with Travelocity and Expedia), had reported a security breach to authorities.
"A small number of customers have informed us that they have received spam, or junk e-mail, from an unknown party that apparently used unauthorized and/or illegal means to obtain their e-mail addresses used with Orbitz," spokeswoman Terri Shank told Reuters, adding that there was no sign of customer password of account information being accessed.
Also last week came the report from McDonald's that it is planning to use Orbitz to book its employee travel in an attempt to reduce hassle to executives and to lower corporate travel costs.
Carlson Wagonlit, the travel company McDonald's had been using, expressed disappointment with the decision, even though Carlson will still provide McDonald's travel in some foreign countries. McDonald's made the decision after a nine-month trial period during which the company compared the traditional option with the online option and then chose Orbitz.
"Carlson Wagonlit continues to focus on enhancing the online and offline experience to optimize service for travelers, while creating bottom-line savings for its corporate clients," a Carlson representative told the Journal.
Orbitz for Business offered "substantial savings without sacrificing quality customer service," said McDonald's spokeswoman Anna Rozenich.