Customers began receiving notifications April 12-13
According to Booking.com’s own notifications and follow‑up reporting, the exposed information may include:
- Names
- Email addresses
- Phone numbers
- Postal addresses
- Reservation details (dates, property info, itinerary)
- Messages or notes shared with accommodation providers
Booking.com has repeatedly stated that payment and credit‑card data were not accessed.
Booking.com reports it:
- Reset reservation PIN codes tied to affected bookings
- Contacted impacted customers directly by email
- Advised customers to be vigilant for phishing attempts
- Stated the incident is now “under control”, though investigations are ongoing
The company has not disclosed:
- How many customers were affected
- Exactly when the breach occurred
- Technical details of how the access happened
While no financial data was taken, experts warn that the combination of personal info + travel details makes this breach particularly dangerous. Attackers can craft highly convincing phishing messages (email, SMS, WhatsApp, or phone calls) that reference real bookings.
Reports already show customers receiving scam contacts pretending to be Booking.com or their hotel, asking for “verification” or payments.
Booking.com has emphasized that it will never:
- Ask for credit‑card details
- Request bank transfers
- Ask for personal information via email, phone, text, or WhatsApp
Customers are strongly advised not to click links in unsolicited messages claiming to be from Booking.com or properties.
Based on Booking.com’s guidance and security reporting:
- ✅ Treat unexpected messages about bookings as suspicious
- ✅ Verify any issue by logging directly into Booking.com (not via links)
- ✅ Be cautious of urgent payment or “verification” requests
- ✅ Monitor email and messaging apps for phishing attempts
No comments:
Post a Comment