Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
AsyncRAT Campaign Leverages ScreenConnect to Evade Detection
July 2, 2026
AsyncRAT Campaign Exploits Cloudflare Tunnels and Python for Malware Delivery
July 2, 2026
New Microsoft 365 Phishing Uses OAuth Device Code Flow to Steal Tokens
July 2, 2026
Home/CyberSecurity News/Booking.com data breach exposes customer personal information
CyberSecurity News

Booking.com data breach exposes customer personal information

Key Takeaways Travel giant Booking.com has confirmed a data breach affecting customer personal information. Compromised data includes names, email addresses, phone numbers, physical addresses, and...

Sarah simpson
Sarah simpson
April 14, 2026 3 Min Read
58 0

Key Takeaways

  • Travel giant Booking.com has confirmed a data breach affecting customer personal information.
  • Compromised data includes names, email addresses, phone numbers, physical addresses, and reservation details.
  • While financial information was not directly accessed, the exposed data is being used for targeted phishing and social engineering attacks.
  • Booking.com has reset affected PINs and is notifying impacted customers, but the full scope of the breach remains undisclosed.

Booking.com Confirms Data Breach, Customer Information Exposed

Global travel booking leader Booking.com has acknowledged a cybersecurity incident, revealing that unauthorized actors gained access to sensitive customer personal data. This breach has exposed details such as names, email addresses, phone numbers, and specific reservation information, immediately raising concerns about an increased risk of targeted phishing campaigns for millions of travelers globally.

Table Of Content

  • Key Takeaways
  • Booking.com Confirms Data Breach, Customer Information Exposed
  • Undisclosed Scope and Attack Vector
  • Stolen Data Already Weaponized for Phishing
  • Pattern of Attacks Against Booking.com Ecosystem
  • What You Should Do

The company, which boasts over 28 million accommodation listings worldwide, confirmed on Monday that it detected suspicious activity linked to numerous customer reservations. Booking.com subsequently began notifying affected users via email, cautioning that “unauthorized third parties may have been able to access certain booking information associated with your reservation.”

Undisclosed Scope and Attack Vector

Despite making a public disclosure, Booking.com has refrained from providing critical details regarding the incident. The company has not disclosed the total number of customers impacted, the specific geographic regions affected, or the precise duration of the unauthorized access period.

A Booking.com spokesperson confirmed to TechCrunch that the company “noticed some suspicious activity involving unauthorized third parties being able to access some of our guests’ booking information” and stated that “action to contain the issue” was taken upon discovery. As an immediate security measure, Booking.com reset the PIN numbers associated with compromised reservations and informed the affected guests.

The extent of the compromised data reportedly includes booking specifics, full names, email addresses, physical addresses, phone numbers, and “anything that you may have shared with the accommodation.” Importantly, Booking.com assured The Guardian that financial information was not accessed during the breach. However, it remains unclear whether credit card data stored on the platform was completely isolated from the intrusion.

Stolen Data Already Weaponized for Phishing

Evidence strongly suggests that threat actors are already leveraging the stolen data for malicious purposes. At least one user on Reddit reported receiving a highly targeted WhatsApp phishing message approximately two weeks before receiving an official breach notification from Booking.com. This message notably contained accurate booking details and other personal information, indicating active operationalization of the compromised reservation data for social engineering campaigns designed to impersonate Booking.com or its affiliated accommodation providers.

In response, Booking.com has issued an explicit warning to its customers: the company will never request credit card details via phone, SMS, or WhatsApp, nor will it ask for bank transfers outside of its official booking confirmation protocols.

Pattern of Attacks Against Booking.com Ecosystem

This incident is not isolated and follows a documented history of attacks targeting the Booking.com ecosystem. In late 2023, cybersecurity firm Secureworks identified campaigns utilizing the Vidar infostealer to harvest credentials for hotel administration portals. This allowed attackers to directly message guests with fraudulent payment requests. Furthermore, a November 2025 report by Sekoia.io detailed sophisticated phishing campaigns that deployed ClickFix and PureRAT malware to compromise hotel accounts and subsequently target their customers.

What You Should Do

  • Be extremely cautious of unsolicited payment requests received via WhatsApp, SMS, or email, even if they appear to contain accurate booking details.
  • Always verify the authenticity of any communication claiming to be from Booking.com or an accommodation provider by contacting them directly through official channels (e.g., the official Booking.com app or website, or a verified hotel phone number).
  • Never click on suspicious links in emails or messages.
  • Regularly monitor your bank and credit card statements for any unauthorized activity.
  • Enable multi-factor authentication (MFA) on your Booking.com account and any associated email accounts.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackBreachCybersecurityHackerMalwarephishingSecurityThreat

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

108 Malicious Chrome Extensions Steal User Data via Shared Infrastructure

Next Post

Okta AuthN Bypass Vulnerability Lets Attackers Impersonate Users

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Citrix Bleed (CVE-2023-4966) Critical Vulnerability Actively Exploited
July 2, 2026
DHS Confirms Breach of HSIN Information Sharing Network
July 2, 2026
ChatGPT Flaw Exposes User Files, Poses System Access Risk
July 2, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us