Booking.com Confirms Data Breach After Hackers Access Customer Information

Booking.com is reaching out to its customers following a confirmed data breach in which a third party accessed portions of its reservation data. The company characterizes this incident as a targeted attack impacting an undisclosed number of bookings.

In communications to affected customers, the exposed information may consist of names, email addresses, phone numbers, postal addresses, and specific reservation details. Notably, Booking.com has stated that payment information has not been compromised.

The email notifications sent to impacted users detail the company’s detection and containment of suspicious activities. This response ensured that unauthorized access to certain reservation records was limited. As a precautionary measure, Booking.com has reset PIN codes associated with affected bookings and advised users to remain vigilant against potential phishing attempts, including fraudulent messages or phone calls masquerading as hotel or customer support communications.

With legitimate booking information potentially in hand, cybercriminals could leverage AI to craft persuasive phishing emails. Messages that reference actual hotel reservations, dates, or locations stand a higher chance of deceiving unsuspecting individuals into divulging sensitive payment information or clicking on harmful links.

A Booking.com notification email, translated using AI

While Booking.com has not revealed the specifics of how the breach occurred or the total number of users affected, the gravity of the situation is amplified by the fact that the company’s mobile app has over 100 million users as of 2024. Experts such as Keven Knight, CEO of Talion, underscore the seriousness of the breach, indicating that the scale of Booking.com as the largest travel agency site increases the impact of this incident.

Keven highlighted the potential risks posed by the lack of detailed information from Booking.com, which could leave users vulnerable to phishing attacks, smishing (SMS phishing), vishing (voice phishing), and identity theft. He advises that individuals be cautious and thoroughly vet any communications requesting personal or financial details before taking action.

Booking.com and Cybersecurity

This breach is not the first security challenge Booking.com has encountered. The platform has previously been exploited in phishing campaigns, often involving compromised hotel accounts, illustrating the effectiveness of travel-related scams that can appear legitimate.

Users with Booking.com accounts should exercise caution when receiving unexpected messages or phone calls about reservations, particularly those that create a sense of urgency or involve requests for payments. Cybersecurity vigilance is essential in a landscape where data breaches can easily lead to more severe consequences.

Source

Related Posts

Cyber Attack Disrupts Passport Control at Istanbul Airport

July 26, 2013

The passport control system at Istanbul Ataturk Airport’s international departure terminal experienced a cyber attack on Friday, impacting operations at another airport in the city. Passengers faced lengthy delays, with many waiting hours as flight departures were postponed due to the system shutdown at both locations. Authorities were able to restore functionality after some time.

Reports indicated that the passport control system at Sabiha Gokcen International Airport was also affected by issues stemming from the Polnet data system managed by the Istanbul provincial security directorate. Preliminary investigations suggest the systems may have been compromised by malware, though authorities are still determining whether any user information was extracted from the affected machines.

As of now, there has been no claim of responsibility for the cyber attack. This incident is part of a worrying trend of malware attacks targeting critical infrastructure. Cybersecurity has become an increasingly critical concern in recent years.

Chinese Hackers Exposed by U.S. Water Control System Decoy

August 5, 2013

A notorious hacking group from China, known as APT1 or Comment Crew, potentially affiliated with the Chinese military, has been caught infiltrating a simulated United States water control system, also referred to as a honeypot. Kyle Wilhoit, a researcher from Trend Micro, disclosed the findings at the BlackHat Conference this past Wednesday.

Back in December, the hackers targeted a water control system for a U.S. municipality, unaware it was a ruse set up by Wilhoit. The decoy utilized a Word document embedded with malicious software, allowing for complete access.

These honeypots closely resembled the ICS/SCADA devices employed in critical infrastructure for power and water facilities. The setup, which employed cloud software, produced realistic web-based login and configuration screens for local water plants, making them look as though they were based in various countries, including Ireland, Russia, Singapore, China, Japan, Australia, Brazil, and the U.S. Researchers have traced the activity back to the APT1 Group, which was previously linked to by the security firm Mandiant.

Pakistani Hackers Target Thousands of Israeli Websites in Support of Palestine

August 14, 2013

A widespread cyber attack is currently underway, with thousands of Israeli websites being compromised by Pakistani hackers in solidarity with the Palestinian people. Reports indicate that around 650 Israeli websites have already been infiltrated, with the hackers posting their messages on these sites. One hacker, known by the alias “H4x0r HuSsY,” communicated with The Hacker News to announce upcoming releases of additional hacked websites. The attacker’s message included slogans such as “LONG LIVE PALESTINE – PAKISTAN ZINDABAD HAPPY INDEPENDENCE DAY TO & FROM TEAM MADLEETS.”

The affected sites include semi-government, personal, and corporate Israeli domains. At the time of this report, many of these websites continue to display defaced pages. This cyber offensive follows a recent declaration of a “cyber war” on Israel by global hacker collectives, including the Anonymous group, after the Israeli Defense Forces threatened to cut off internet access in Gaza.

FBI Collaborated with Anonymous and LulzSec Hackers to Target Foreign Governments

August 28, 2013

Sentencing for former LulzSec leader Hector Xavier Monsegur, also known as “Sabu,” has been postponed again. Monsegur, who pleaded guilty to multiple criminal charges two years ago, faces a maximum sentence exceeding 124 years. Additionally, fellow LulzSec hacker Jeremy Hammond has alleged that the FBI utilized Sabu to orchestrate attacks against foreign governments, leveraging the efforts of Anonymous and other hackers.

The ongoing delays suggest that the FBI may not be fully extracting information from Monsegur, hinting at the possibility that he is assisting with other covert operations as claimed by Hammond. In a recent statement, Hammond accused the U.S. government of directing Monsegur to motivate fellow hacktivists to breach foreign government entities. “What many don’t realize is that Sabu was also used by his handlers to orchestrate hacking activities targeting government-selected entities, including multiple foreign government websites,” Hammond stated.