Booking.com has been hit by a data breach, with “unauthorised parties” accessing customer data, including names, addresses, phone numbers and “certain booking information”.
The company has taken immediate steps to contain the issue and is notifying customers directly.
Booking.com declined to say how many people the hack had affected but was able to confirm that no financial information was compromised. The incident involved an undisclosed number of reservations in which information such as names, emails, addresses, phone numbers, and booking details were accessed.
Booking.com has previously faced online scams and cybercrime attempts on its platform, including phishing targeting hotel partners and customers.
Andy Ward, SVP International at Absolute Security, said: “The vast amount of sensitive personal information, ranging from contact details to banking data, held by organisations like Booking.com makes them a prime target for cybercriminals. Any organisation can be targeted, especially in an era where threats move at AI speed.
“Whether it’s human-targeted AI phishing attacks or breaches caused by unpatched devices, everyone must be prepared for when, not if, an attack occurs.”
“The shift for security leaders must be towards cyber resilience in order to remain operational in the face of an attack. It’s no longer enough to simply prevent attacks. Our research shows that critical security software currently fails to protect devices around 20% of the time, giving attackers open access for significant periods of time.”
“Security teams must prioritise getting devices and security controls back to an operational state, restoring them to the latest patch levels, and putting recovery systems in place to avoid falling victim to the era of downtime.”
The company lists more than 30 million accommodation venues worldwide and says it connects “millions of travellers” with experiences, transport and places to stay.
Booking.com is cooperating with relevant authorities and regulators as part of its ongoing investigation.
Leave a Comment