Booking.com has acknowledged a data breach, indicating that unauthorized third parties may have gained access to certain customer booking information.
In a communication sent to users on April 12, the company reported detecting suspicious activity related to several reservations and took prompt action to mitigate the situation.
According to the company, the data potentially accessed includes booking details, names, email addresses, phone numbers, and any information provided to accommodation providers during the booking process.
However, Booking.com emphasized that customers’ financial information was not compromised from its systems.
To secure affected bookings, the company has reset the PIN codes associated with those reservations.
They also cautioned users to remain vigilant against phishing attempts, including emails or calls from individuals impersonating Booking.com or accommodation providers.
“We will never ask you to share credit card information via email, over the phone, through text, or WhatsApp,” the company stated in its message to users.
“We will never request a bank transfer that deviates from the payment policy outlined in your booking confirmation,” it added.
Booking.com advised users to refrain from clicking on suspicious links and to ensure security measures, such as antivirus software, are active on their devices.
The company mentioned it is continuously enhancing its security protocols and encouraged users to reach out to customer support if they observe any unusual changes to their reservations.
This incident occurs amidst a significant surge in cyber threats, with Indian websites reportedly facing over 265 million attacks in 2025, as highlighted in a cybersecurity report by Quick Heal Technologies Limited released this year.
Also Read: Teens as young as 13 exposed to pornographic content on Elon Musk’s X: Study
