Booking.com Data Breach Exposes Sensitive Customer Information

Summarize with:

ChatGPT Claude.ai Google AI Grok Perplexity

Add as preferred source on Google

A Booking.com cybersecurity incident affected its user base, the global travel reservation platform confirmed on Monday. Following unauthorized system access, malicious actors successfully extracted sensitive reservation details, though financial data remains secure. 

Booking.com Cybersecurity Incident

Booking representatives acknowledged that unauthorized third parties penetrated their network infrastructure, resulting in substantial customer data being accessed by attackers. The exfiltrated datasets contain: 

• full names, 
• email addresses, 
• phone numbers, 
• specific booking itineraries, 
• direct communications between guests and accommodation providers.

Booking.com successfully contained the breach, stating that attackers did not acquire payment infrastructure data or physical home addresses, according to The Guardian. People reported online that the company started sending breach notification messages this past week, as per TechCrunch.

Reports indicate that cybercriminals are already weaponizing the stolen data. Reports say that attackers have launched targeted social engineering campaigns, using WhatsApp to send phishing messages referencing exact booking details to establish credibility and deceive victims.

Company Response

In response to the intrusion, the organization reset security PINs for all impacted reservations and issued formal security notifications to affected individuals to secure the platform, The Guardian reported.

This Booking.com data breach underscores the critical need for robust access controls across massive third-party integration networks. Security professionals urge users to scrutinize all unsolicited communications regarding their travel itineraries and implement continuous endpoint monitoring to prevent secondary exploitation.

In December 2025, GrayBravo expanded CastleLoader operations with Booking and DAT Freight impersonations, while in June, fake Booking sites disseminated AsyncRAT. In 2024, Booking was impacted by phishing via compromised partners and generative AI phishing campaigns.

Related

Rockstar Games Data Breach Reportedly Leaked Analytics via Prior Anodot Security Incident

Basic-Fit Data Breach Exposes 1 Million Member Records, Impacting at Least 200,000 Customers in the Netherlands

Canis C2 Surveillance Framework Exposed API Discovered Targeting Japan

Main Suspect in €6 Million Swedish Bank Scam with At Least 25 Victims Extradited from the US to Sweden

8 Tech Giants' CSAM Reporting Deficiencies Investigated Following NCMEC Documented Findings

Hallmark Data Breach Exposes 1.7 Million Customers via Salesforce Compromise, Including Hallmark+ Records

Your Weekly Cybersecurity Briefing

Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.

Subscribe for Free

Please enter a valid email address.

Most Popular

Rockstar Games Data Breach Reportedly Leaked Analytics via Prior Anodot Security Incident

Telegram Rolls Out Anti-Censorship Update as CEO Urges Russians to Use Multiple VPNs

Basic-Fit Data Breach Exposes 1 Million Member Records, Impacting at Least 200,000 Customers in the Netherlands

Surfshark Introduces ‘Dausos’ - A New VPN Protocol Focused on Speed and Security

NordVPN Removes Dedicated P2P Servers, Confirms Support Shift

Canis C2 Surveillance Framework Exposed API Discovered Targeting Japan

Rockstar Games Data Breach Reportedly Leaked Analytics via Prior Anodot Security Incident

Telegram Rolls Out Anti-Censorship Update as CEO Urges Russians to Use Multiple VPNs

Basic-Fit Data Breach Exposes 1 Million Member Records, Impacting at Least 200,000 Customers in the Netherlands

Surfshark Introduces ‘Dausos’ - A New VPN Protocol Focused on Speed and Security

NordVPN Removes Dedicated P2P Servers, Confirms Support Shift

Canis C2 Surveillance Framework Exposed API Discovered Targeting Japan