Overview
- Booking.com, which emailed notices Monday, said it detected suspicious activity on a number of reservations and reset PINs for affected bookings.
- The company said accessed data may include names, emails, phone numbers, home addresses, reservation details, and messages shared with properties.
- A spokesperson told SecurityWeek there is no evidence customer accounts were breached and that no financial or payment information was accessed.
- Several reports describe phishing attempts that used real booking details in emails or WhatsApp messages to push travelers to share or repay using new links.
- Booking.com has not said how many users were affected or how the data was obtained, a lingering uncertainty that echoes earlier travel-sector breaches through compromised hotel or partner systems.