World Travel Holdings Data Breach (2012)

An unauthorized person gained access to the booking system by misusing the log-in credentials of an authorized user. Although credit card information is encrypted when it is stored in the booking system, the unauthorized person used a decryption feature of the system to view the card number and expiration for a limited number of individuals.