Booking.com confirms that hackers obtained customer information

Booking.com confirmed on Monday that hackers were able to access customer information, including names, emails, addresses, phone numbers, and booking information. The global travel and hotel booking giant notified customers last week of the breach, according to multiple online posts.

“We are writing to inform you that unauthorized parties may have access to some of your booking information,” read the notice to customers, according to one user’s post on Reddit. Several other Reddit users commenting on the post said they received the same notifications. The message from the company included the aforementioned types of data that were compromised, as well as “anything you may have shared a location with.”

A user who posted the information on Reddit told TechCrunch that he received a fraudulent message via WhatsApp two weeks ago that included “information about storage and personal information.” This means that hackers are using the stolen information to target Booking.com customers.

Booking.com spokeswoman Courtney Camp told TechCrunch that the company “sees suspicious activity where unauthorized parties may have access to some of the guest’s reservation information. When we became aware of the incident, we took steps to address the issue. We have changed the PIN number for this reservation and notified our guests.”

The spokesperson declined to answer TechCrunch’s specific questions, including how many customers affected by the incident were subsequently notified.

The company he told The Guardian that “funds were not available”.

In 2024, TechCrunch reported that hackers infected computers in several hotels with cheap spyware, or stalkerware. In one instance, a victim was logged into their Booking.com management portal when the PcTattleTale stalkerware took a screenshot of their screen.

According to company website6.8 billion customers have booked hotel rooms and apartments since 2010.