The international travel platform Booking.com has officially acknowledged a security incident that may have exposed sensitive traveler information to unauthorized third parties. On Monday, the company confirmed that data such as full names, email addresses, phone numbers, and specific reservation details were potentially compromised.
Incident Overview
The breach came to light after multiple users on platforms like Reddit shared notifications they received from the company. According to these alerts, the unauthorized access included:
- Standard contact information (Phone, Email, Name).
- Specific details regarding travel itineraries.
- Any additional communications shared directly with the hotel or accommodation provider.
The Rise of Targeted Phishing
Evidence suggests that the stolen data is already being weaponized. One affected traveler reported receiving a fraudulent WhatsApp message two weeks prior, which contained their exact booking details. This indicates that bad actors are likely using the leaked information to conduct highly convincing phishing campaigns aimed at defrauding customers.
Company Response and Mitigation
In a statement, Booking.com spokesperson Courtney Camp confirmed that the company identified “suspicious activity” and moved quickly to secure the affected accounts.
“Upon discovering the activity, we took action to contain the issue. We have updated the PIN number for these reservations and informed our guests.” – Courtney Camp, Booking.com
Despite the confirmation, the company has remained tight-lipped regarding the total number of individuals impacted. However, a representative clarified to The Guardian that no financial data or payment information was accessed during the breach.
Context: The Role of “Stalkerware”
This incident follows earlier 2024 reports detailing how hackers targeted hotel computer systems using consumer-grade spyware, often referred to as stalkerware. In one documented instance, software known as pcTattletale captured screenshots of a hotel employee’s screen while they were actively logged into the Booking.com administrative portal, providing a potential gateway for hackers to scrape customer data.
