The booking platform Booking.com suffered a cyberattack that may have allowed unauthorized access to its customers' data, the company reported after detecting 'suspicious activity' that affected several reservations. Booking.com, based in the Netherlands, sent an email to users to warn them that 'unauthorized third parties' may have accessed information associated with reservations, including names, physical and email addresses, phone numbers, and other data provided by customers to accommodations. However, the company assures that banking data has not been compromised. Booking.com explained that it recently detected 'suspicious activity related to several reservations' and acted 'immediately' to contain the incident, assuring that the situation is now 'under control' and affected customers have been informed. As a preventive measure, Booking.com has updated the PIN codes linked to reservations to enhance security. The email sent to users also alerts to possible fraud attempts, such as emails or calls from people impersonating the platform or accommodations. In this regard, the company emphasizes that it never requests credit card data via email, phone, SMS, or messaging apps like WhatsApp, nor does it ask for payments outside the platform's usual channels. Booking.com has not specified how many customers were affected by the incident, for how long attackers may have had access to the systems, or the exact date of the unauthorized access to customer data. The company has reported the incident to the Dutch data protection authority, as required by regulation, and assures it will continue to strengthen its security measures to protect user information.
