Booking.com Confirms Data Breach as Hackers Access Customer Details
Booking.com confirms data breach exposing customer reservation details to unauthorized third party.
Summary
Booking.com has confirmed a targeted data breach affecting reservation records, exposing customer names, email addresses, phone numbers, postal addresses, and booking details. Payment information was not accessed, but the company warns users of increased phishing risk now that attackers possess personal and booking-specific data. The breach affects an unspecified number of users, though the company's 100+ million mobile app users in 2024 suggest potential scale.
Full text
Data Breaches Cyber AttacksBooking.com Confirms Data Breach as Hackers Access Customer Details Booking.com confirms a data breach exposing customer details to hackers. No payment data accessed, but users face risk of targeted phishing scams now! byWaqasApril 14, 20262 minute read Booking.com has begun contacting customers after confirming that a third party accessed parts of its reservation data. The company is describing the incident as a targeted breach affecting an unspecified number of bookings. According to its own communication to customers, the exposed data may include names, email addresses, phone numbers, postal addresses, and details linked to specific reservations. Booking.com says payment information was not accessed. The notification email sent to affected users explains that the company detected and contained suspicious activity, limiting the attackers’ access to certain reservation records. As a precaution, the company has reset PIN codes associated with bookings and warned users to remain alert for suspicious messages or calls posing as hotels or customer support. With booking data in hand, attackers can now use AI to create highly convincing phishing emails. A message referencing a real hotel stay, dates, or location is far more likely to trick someone into sharing payment details or clicking malicious links. Booking.com email in the French language translated with AI Booking.com has not disclosed how the breach occurred or how many users are affected. However, the fact that the company’s mobile app alone had over 100 million users in 2024 makes the situation more serious. Industry experts like Keven Knight, CEO of Talion, point to this exact risk, stating: “Given that Booking.com is the largest and most widely used travel agency site in the world, this could turn out to be a sizable attack. Currently, Booking.com is not confirming how many people were impacted or how the attack was carried out, with it only advising in emails what data has been accessed.” Keven warned that the lack of details from Booking.com puts users at greater risk of phishing, smishing (SMS phishing), Vishing (Voice phishing), and identity fraud. “It is therefore advised to use caution, ensuring all emails and communications requesting financial and personal data are thoroughly vetted before being actioned.“ Booking.com and Cybersecurity This is not the first time Booking.com has dealt with security challenges. The platform has previously been used as a channel for phishing campaigns, often involving compromised hotel accounts. Those past incidents already showed how effective travel-related scams can be when they appear credible. If you have a Booking.com account, treat unexpected messages or calls about bookings with caution, especially if they involve urgency or payment requests. Waqas I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cybersecurity and tech world. I am also into gaming, reading and investigative journalism. View Posts Booking.comCyber AttackCybersecuritydata breachPhishingPrivacyScam Leave a Reply Cancel reply View Comments (0) Related Posts Read More Security Cyber Attacks BlackCat (ALPHV) Gang Claims Ransomware Attack on NCR Data Center BlackCat ransomware initially claimed responsibility for the ransomware attack on its dark web blog but later removed its post, indicating negotiations between the two parties. byDeeba Ahmed Cyber Crime Cyber Attacks Malware Locky Ransomware in Action: Real-World Attack Description IT security professionals appear to be in a constant run after numerous ransomware authors who systematically infect individual… byDavid Balaban Cyber Attacks It’s Cyberwar, it’s Turkish vs Armenian Hackers Amid Nagorno-Karabakh Dispute Turkish hackers have been targeting Armenian websites and Armenian hackers are targeting Azerbaijani government — Meanwhile Azerbaijani hackers… byWaqas Cyber Attacks Anonymous Fights Animal Cruelty by Exposing Email Orders to Kill Bear Cubs This weekend, Bryce Casavant who is a Canadian conservation officer was suspended from duty when he denied the… byFarzan Hussain