Cyberattack on Booking.com leaks customer booking data, scale still unclear

13 April 2026 , 14:39
1084     0
Cyberattack on Booking.com leaks customer booking data, scale still unclear
Cyberattack on Booking.com leaks customer booking data, scale still unclear

The accommodation reservation website Booking.com has experienced a data breach with "unauthorized parties" accessing customers’ details.

The platform stated it "noticed some suspicious activity involving unauthorized third parties accessing some of our guests’ booking information."

"Upon discovering the activity, we took action to contain the issue," it said. "We have updated the pin number for these reservations and informed our guests."

The company, headquartered in Amsterdam, lists more than 30 million accommodation venues worldwide and says it connects "millions of travelers" with experiences, transport, and places to stay.

Booking.com declined to say how many people were affected by the hack. A spokesperson said that "financial information was not accessed."

An email from the company to affected customers said the hackers may have been able to access "certain booking information" associated with a previous reservation the customer made.

"Based on the findings of our investigation to date, accessed information could include booking details and names, emails, addresses, phone numbers associated with the booking and anything that you may have shared with the accommodation," it said.

It is the latest in a series of cybercrime attempts on Booking.com. The company has recently struggled with the increasing number of online scams on its platform, with fraudsters asking for payment details to pre-authorize or verify before a trip, and then charging high amounts.

In 2018, criminals used phishing tactics to steal login details from hotel employees in the United Arab Emirates, allowing them to access the booking data of more than 4,000 people on the platform.

Booking.com reported the breach to the Dutch privacy regulator 22 days late, resulting in a fine of €475,000.

The wider industry is also facing calls to crack down on the proliferation of fake listings on booking websites.

Booking.com is owned by Booking Holdings, the $137 billion US company that also owns OpenTable, Agoda, and Kayak. The group is headquartered in Norwalk, Connecticut, and employs more than 24,000 people worldwide.

George MacGregor

George MacGregor

Editor-in-Chief

Booking Holdings, Personal Information, customers, Cyberattacks, Booking.com

Read more similar news:

06.06.2025, 21:07 • Crime
Victims of the Coinbase breach targeted by scammers — now through regular mail
13.06.2025, 18:02 • Crime
Cybercriminals are no longer just hackers – they’re operators in the stolen data marketplace, says the 2025 Europol report
14.09.2025, 21:27 • World News
UC Berkeley provides personal information of students and staff to the Trump administration
27.09.2025, 07:57 • Crime
Names and contact details of customers were compromised in a Harrods data breach
04.11.2025, 17:12 • Investigation
European media reveal that anonymous phone data of EU officials is being sold online
18.11.2025, 16:48 • UK News
Have I Been Pwned notifies individuals following the appearance of 1.3 billion passwords and 1.95 billion email addresses
20.11.2025, 07:51 • Crime
Russian hackers known as Qilin have been connected to a significant security breach at the London Women's Clinic, impacting NHS patients
08.01.2026, 10:30 • Crime
Cyber assault on Kensington and Chelsea council could have compromised data belonging to hundreds of thousands of individuals
27.03.2026, 18:51 • World News
A cyber group connected to Iran has revealed the emails and photographs of the head of the Federal Bureau of Investigation
07.04.2026, 19:48 • Crime
Meta engineer alleged to have circumvented security measures to obtain access to more than 30,000 private user photos