Overview
- Booking.com says unauthorized parties accessed some guests’ names, contact info, and stay details from reservations, not payment data, and it has reset reservation PINs and sent warnings.
- Scammers are using real booking facts to pose as hotels and send convincing messages that ask travelers to reconfirm payment or complete check-in through a link, often via WhatsApp.
- Reports from customers describe messages timed close to arrival that create urgency and confusion, raising the risk that people share card details or send money.
- Malwarebytes cites a Microsoft investigation that links the intrusion to a group called Storm-1865, which phished hotel staff with a “ClickFix” lure to install remote-control malware on partner systems.
- The company has not disclosed how many users or regions were hit, and prior cases — including a 2018 partner breach that led to a Dutch regulator fine — underline ongoing scrutiny of Booking.com’s security across its hotel network.