Data breach at Booking.com, travelers’ personal data exposed

Online travel agency Booking.com has fallen victim to a data breach, affecting an unknown number of customers.

In an email addressed to victims, which was viewed by Cybernews, Booking.com says that “suspicious activities” were recently noticed and “unauthorized third parties” gained access to “certain booking details” related to their reservation.

As soon as the data breach came to light, the online travel agency launched an investigation. According to the company’s first findings, a lot of personal details have been exposed, including names, email addresses, phone numbers, residential addresses, and other information customers may have shared with the accommodation.

Booking.com doesn’t say whether financial information, travel histories, or passwords have been leaked. All affected tourists have received a new PIN code “to keep the booking safe.”

Booking recommends being vigilant for any phishing attempts.

“We will never ask you to share your credit card information via email, phone, text message, or WhatsApp. We will never ask you to make a bank transfer that differs from the payment terms in your booking confirmation,” the company says.

“If you receive an email that appears to have been sent by the accommodation or Booking.com, be cautious before clicking on any links. We recommend that you set up security protocols, such as antivirus software, on your devices to protect yourself against phishing,” the agency continues.

“The security of your personal information is our top priority. We continue to improve and expand the robust security measures we have put in place to protect your reservations,” Booking concludes its email.

It remains unclear when the data theft happened and how many people may have been affected. A company spokesperson refuses to respond to questions from several media outlets.