Booking.com suffers data breach, says customer data possibly exposed
The online travel platform said that customers' financial information was not accessed from its systems.
The Booking.com app is seen on a smartphone in this illustration taken on Feb 27, 2022. (Photo: REUTERS/Dado Ruvic)
This audio is generated by an AI tool.
SINGAPORE: Online travel agency Booking.com said it suffered a data breach that may have exposed customers’ personal details to “unauthorised parties”.
In an email sent to users on Wednesday (Apr 15) and seen by CNA, Booking.com said it had recently noticed “suspicious activity affecting a number of reservations” and that “unauthorised third parties may have been able to access certain booking information” linked to past or upcoming reservations.
The platform confirmed that customers' financial information was not accessed from its systems.
"We immediately took action to contain the issue," Booking.com said.
"Based on the findings of our investigations to date, accessed information could include booking details and name(s), email address(es) and phone number(s) associated with the booking and anything you may have shared with the accommodation," it added.
The platform has sent new PINs for those with reservations and urged users to ensure they have security protocols - such as an antivirus programme - set up on their devices to prevent phishing attempts.
Booking.com also sought to reassure customers, saying that the security of their personal information is its "utmost priority".
"We will continue to enhance and extend the robust security measures we have in place to secure your reservations with us."
CNA has reached out to Booking.com on the number of customers affected by the data breach.
The platform is one of the most popular online travel booking sites and has a presence in almost every country and territory in the world, with more than 30 million accommodation listings, according to Booking.com.
Booking.com users have previously been targeted by scammers posing as hotel representatives linked to their bookings, contacting victims to obtain personal and banking details.
Customers were warned to watch for suspicious emails or phone calls, with Booking.com saying it would never ask for credit card details through such channels, including text messages or WhatsApp.
