Booking.com has confirmed a data breach that exposed customer data linked to reservations made on its platform. The company has initiated PIN resets for existing and past reservations as a precautionary measure.
Although Booking.com has not disclosed the number of affected customers, impacted users will receive emails regarding the breach. Reports indicate that the compromised data includes full names, email and postal addresses, phone numbers, and some communications from hospitality providers.
Customers reported receiving emails about the breach over the weekend, particularly on the Booking.com subreddit. Some users expressed confusion as no notifications were sent via the Booking.com app, leading to questions about the legitimacy of the emails.
A Booking.com communications representative confirmed the breach, stating that unauthorized third parties gained access to guests’ booking information. “At Booking.com, we are dedicated to the security and data protection of our guests,” the representative, Sage Hunter, said. “Upon discovering suspicious activity, we took action to contain the issue.”
Booking.com operates platforms for over 30 million accommodations and services hundreds of millions of customers globally. It remains unclear whether the company will provide free identity theft protection services to those impacted by the breach.
Users are advised to verify received emails against Booking.com’s list of trusted emails and to remain vigilant against phishing attempts. They should monitor their spam folders for potential notifications from Booking.com regarding the breach.
New notifications regarding the breach are expected to arrive shortly, with users potentially receiving information by mail as well. Affected individuals should watch for communications from the company to understand their next steps.
