A new cyberattack has hit one of the world’s most widely used travel booking platforms.
Booking.com recently suffered a security breach that allowed unauthorized third parties to access sensitive information of an unspecified number of customers.
The discovery of the breach prompted the company, headquartered in Amsterdam, to send an urgent notice via email this morning, warning travelers about the possible involvement of their profiles.
User data stolen from Booking.com
The company’s top management explained that they had noticed suspicious activity linked to several bookings and that they had acted immediately to contain the threat.
The company stressed that the security of personal information remains the highest priority. To ensure the integrity of ongoing bookings and protect customers from further intrusions, the platform promptly proceeded to update the security PIN codes associated with the stays, informing the guests involved immediately.
Exposed data and guidance for users
According to details emerging from internal investigations, cybercriminals managed to exfiltrate a substantial amount of data. Among the information in the hackers’ hands are the specific booking details, the users’ names, the email addresses, the phone numbers, and potentially any other conversation or information exchanged privately between customers and the accommodations.
Although the initial notice warned of possible exposure of addresses, Booking.com’s spokespeople later clarified that no financial information has been compromised and they assured that physical addresses were not stolen.
The company chose not to specify the exact number of people involved in this data breach, simply strongly encouraging its subscribers to install antivirus software to protect themselves from future threats, with particular attention to phishing scams that could exploit stolen emails and phone numbers.
