Booking.com has confirmed that hackers may have gained access to customer data, including names, email addresses, phone numbers, and booking information.
The company began notifying affected users over the past week, with several customers sharing screenshots of the alert online.
In the notification sent to users, Booking.com said that unauthorized third parties may have accessed certain booking details linked to their reservations. The message also noted that any information shared directly with the accommodation could have been exposed. Multiple Reddit users reported receiving the same notice, suggesting the issue may be widespread.
One affected user told TechCrunch they received a phishing message on WhatsApp about two weeks ago that included their booking details and personal information. This indicates that attackers may already be using the stolen data to target customers with scams.
Booking.com spokesperson Courtney Camp said the company detected suspicious activity involving unauthorized access to some guest booking information. After identifying the issue, the company took steps to contain it, updated PIN codes for affected reservations, and informed customers.
The company did not disclose how many users were impacted and declined to provide further details when asked. However, it confirmed that financial information was not accessed in the breach.
This incident follows earlier reports from 2024, when hackers infected hotel systems with spyware. In one case, a victim logged into their Booking.com admin portal and had their screen captured using stalkerware.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
Booking.com says that since 2010, around 6.8 billion customers have used its platform to book stays, highlighting the scale of its global user base.
