Overview
- Booking.com, which emailed users Monday, said it detected suspicious activity on some reservations, contained the issue, and reset reservation PINs.
- The company says exposed data may include names, emails, phone numbers, addresses, booking details, and messages to properties, but no payment information.
- Reports and customer posts show scammers are already sending tailored phishing on WhatsApp and email using real booking details, so users are urged to confirm requests only inside the official app or site.
- Booking.com has not said how many people were affected or how access occurred, and security analysts note travel scams often start with compromised hotel or partner accounts.
- Given the platform’s global reach, even a small share of bookings could affect many travelers, and a 2021 Dutch fine over a partner-login breach highlights the sector’s recurring weak points.