Booking.com Confirms Data Breach, Hackers May Have Accessed Customer Personal Information
L'essentiel
- Booking.com confirmed a data breach where hackers may have accessed personal customer data, including names, emails, and booking details.
- The company notified affected customers and stated financial information was not compromised.
Résumé généré par IA
Pourquoi c'est important
Booking.com is a major global online travel agency that facilitates the booking of accommodations, including hotels and homes. Data breaches in the travel and tech sectors are increasingly common, raising concerns about customer privacy and cybersecurity measures.
Booking.com confirmed Monday that hackers may have accessed customers’ personal data, including names, email addresses, phone numbers, and booking details.
The global travel and hotel reservation giant notified customers this past week of the breach, according to several online posts.
“We’re writing to inform you that unauthorized third parties may have been able to access certain booking information associated with your reservation,” read the notification to customers, according to one user’s post on Reddit. Several other Reddit users replying to the post said they received the same notification. The message from the company included the aforementioned types of compromised data, as well as “anything that you may have shared with the accommodation.”
The user who posted the notification on Reddit told TechCrunch that they received a phishing message via WhatsApp two weeks ago that included “booking details and personal information.” That suggests hackers are leveraging the stolen information to target Booking.com customers.
Booking.com spokesperson Courtney Camp told TechCrunch that the company “noticed some suspicious activity involving unauthorized third parties being able to access some of our guests’ booking information. Upon discovering the activity, we took action to contain the issue. We have updated the PIN number for these reservations and informed our guests.”
The spokesperson declined to answer TechCrunch’s specific questions, including how many customers were affected by this incident and then notified.
The company told The Guardian that “financial information was not accessed.”
In 2024, TechCrunch reported that hackers had infected several hotels’ computers with consumer-grade spyware, or stalkerware. In one case, a victim was logged into their Booking.com administration portal when the pcTattletale stalkerware took a screenshot of their screen.
According to the company’s website, 6.8 billion customers have booked hotel rooms and homes since 2010.
Updated with comment from Booking.com spokesperson to note that physical addresses were not taken in the breach.
À surveiller
Perspective IA — des possibilités, pas des certitudes
Booking.com will face regulatory investigations and potential fines related to the data breach.
Très probable · En quelques mois
Customers who received notifications will be targeted with more sophisticated phishing attempts.
Probable · En quelques semaines
Booking.com will implement enhanced security measures and communicate these to customers.
Très probable · Court terme
Questions ouvertes
- How many customers were affected by the breach?
- What specific booking information was accessed?
- What was the exact method used by the hackers to access the data?
- What specific actions is Booking.com taking to prevent future breaches?






