Booking.com, a global online travel agency, has confirmed a data breach that may have exposed customer information to unauthorized third parties. The company notified affected users via email, stating that suspicious activity was detected involving reservations. The accessed data could include booking details, names, email addresses, phone numbers, and any additional information shared with accommodations. Financial information was not compromised, according to the company.
Booking.com has taken immediate action to contain the breach, including issuing new reservation PINs for affected customers. The company emphasized that the security of personal information remains its utmost priority and that it will continue to enhance its security measures.
Experts warn that the breach could lead to an increase in targeted scams, particularly as travelers may be under time pressure to resolve booking issues. Scammers have been known to impersonate hotel representatives, contacting victims to obtain personal and banking details. Booking.com advises customers to be vigilant and to verify any suspicious communications directly with the platform.
This is not the first data breach reported at Booking.com. In 2018, a similar incident involved phishing tactics targeting hotel employees in the United Arab Emirates, leading to the exposure of over 4,000 customers' data. The company was fined €475,000 for reporting the breach late.
The platform, which operates in nearly every country and territory worldwide, has over 30 million accommodation listings. Customers are urged to ensure their devices have security protocols, such as antivirus programs, to prevent phishing attempts.