The accommodation booking platform Booking.com has experienced a data breach, allowing unauthorized individuals to access customer information.
The company reported that it “detected unusual activity involving unauthorized third parties accessing some of our guests’ booking information.”
In response to this incident, Booking.com stated, “We acted swiftly to contain the issue,” and added that they have updated the pin codes for affected reservations and notified their customers.
Based in Amsterdam, Booking.com offers listings for over 30 million accommodations globally and aims to connect “millions of travelers” with various experiences, transportation options, and lodging.
The company did not disclose the number of customers impacted by the breach. A representative confirmed that “financial data was not compromised.”
In a communication to those affected, the company indicated that hackers might have gained access to “certain booking information” related to a customer’s prior reservation.
“Preliminary findings suggest that the information accessed could include booking details along with names, email addresses, physical addresses, and phone numbers associated with the reservation, as well as any information shared with the accommodation,” the message stated.
This incident marks the latest in a series of cyber threats facing Booking.com. Recently, the company has been addressing an uptick in online scams, where fraudsters solicit payment information to pre-authorize or verify bookings, only to impose exorbitant charges.
In 2018, cybercriminals employed phishing strategies to obtain login credentials from hotel staff in the United Arab Emirates, gaining access to booking information for more than 4,000 users.
Additionally, Booking.com reported the breach to the Dutch data protection authority 22 days late, resulting in a fine of €475,000.
The broader travel industry is also under pressure to tackle the increasing number of fraudulent listings on booking platforms.
Booking.com is a subsidiary of Booking Holdings, a $137 billion US corporation that also owns OpenTable, Agoda, and Kayak. The parent company is headquartered in Norwalk, Connecticut, and employs over 24,000 staff worldwide.
