Booking.com customers warned of ‘reservation hijacking’ after hack

A recent data breach at Booking.com has triggered a new wave of scams, termed ‘reservation hijacks’ by cybersecurity experts. Hackers have gained access to customer information, potentially enabling them to launch targeted fraud campaigns. Some users have reported receiving suspicious messages, indicating the scam is already underway. Booking.com has introduced updated PINs for reservations and is sending alerts to affected individuals, cautioning them about the heightened risk. However, the Dutch company has not disclosed the exact number of impacted users or the regions involved.

According to the BBC, the platform has recorded nearly seven billion check-ins since 2010, solidifying its position as a global leader in travel services. In communications with customers, Booking.com stated: “We recently observed unusual activity affecting several reservations and swiftly addressed the issue.” The company confirmed that criminals accessed names, email addresses, phone numbers, and details of past and current bookings, though financial information remained untouched.

Scammers exploit stolen data for precise attacks

Cyber-security firm Norton has labeled these scams ‘reservation hijacks’ because criminals contact customers while impersonating hotels and invent fake booking issues. “These schemes have existed for some time, but the recent data breach has intensified their threat,” explained Luis Corrons, a security evangelist at Norton. He highlighted how the compromised data allows fraudsters to craft convincing phishing attempts, referencing real properties, travel dates, and contact details to mimic legitimate customer service interactions.

Booking.com urged guests to remain cautious of phishing attempts, clarifying that it would never request credit card details via email, phone, or messaging apps. The company emphasized that any bank transfers should align with the payment policies outlined in booking confirmations. Prior to this incident, scammers had long exploited the platform by hacking hotel accounts to send phishing emails and texts. The BBC has documented similar scams multiple times since March 2023, with dozens of customers reporting financial losses.

One affected user described feeling “failed” by the travel firm after falling victim to the fraud. Keeper Security’s CEO, Darren Guccione, noted that the breach’s progression from data exfiltration to active phishing campaigns within days suggests a more calculated attack. “This indicates a deliberate strategy rather than a random opportunity,” he stated. The ongoing incident underscores the growing vulnerability of the hospitality industry to cyber threats.
