Booking.com hacked; tells customers: Unauthorised persons may have viewed any information you …
One of the world’s biggest hotel booking websites, Booking.com, has confirmed a hacking attack. According to a report in Tech Crunch, Booking.com has said that hackers may have accessed customers’ personal data, including names, email addresses, phone numbers, and booking details. According to the company, the problem is “now under control” and “the affected guests” have been informed. The global travel and hotel reservation giant notified customers of the breach as per posts shared online.Booking.com spokesperson Courtney Camp told TechCrunch that the company “noticed some suspicious activity involving unauthorized third parties being able to access some of our guests’ booking information. Upon discovering the activity, we took action to contain the issue. We have updated the PIN number for these reservations and informed our guests.”
What Booking.com told customers
The email states that Booking.com “recently noticed suspicious activity” that “affects a number of reservations.” ANP saw the email. The message also states that the investigation into the possible leak revealed that unauthorized persons may have viewed “booking details, name or names, email addresses, and physical addresses,” as well as “phone numbers linked to the booking and any other information you may have shared with the accommodation.”“We’re writing to inform you that unauthorized third parties may have been able to access certain booking information associated with your reservation,” read the notification to customers, according to one user’s post on Reddit. Several other Reddit users replying to the post said they received the same notification. The message from the company included the aforementioned types of compromised data, as well as “anything that you may have shared with the accommodation.”
What Booking.com’s email to customers does not tell
The email sent by the company does not state when the hack occurred or how many people may have been affected. Booking.com has so far also not made an official statement on the hacking.
Booking.com users claim receiving Phishing emails and messages
A user claimed that he received phishing messages on WhatsApp. “My booking was part of the breach, I got contacted by scammers by a WhatsApp Business Account. They presented me with all my info (Name, Creditcard, Phone, Mail, Booking ID, Timeframe, Hotel) and they lured me onto a fake Booking.com site trying to get me to do VISA 3D Secure (with pictures of my hotel and everything). I then noticed the domain, cancelled & contacted Booking. They also assured me everything was fine & the hotel is at fault. That was one month ago. Got the email today… and now the first Spam Mail with my full name in it – so the data was sold too,” he wrote. Another user on Reddit wrote, “I received the What’s App message allegedly from a “check-in manager” at one of the several hotels I’ve booked for an upcoming trip. I recognized it immediately as a scam, and did not click on anything, or respond. A day or so I received an in-app message from the same hotel, basically confirming I have a solid reservation with them, there is nothing I need to do except show up, and repeating a standard warning to NEVER respond to messages outside of the Booking app. All my bookings are “pay on arrival” and I don’t save bank card info with Booking. I didn’t bother contacting the hotel, or Booking, to tell them of this breach, because I’ve read about this scam many times in the past, and figured that they both already know about it. Should I report it at this point?”
Users warns: Be careful of your credit card
“We got the email and it referenced one of many upcoming bookings. They didn’t indicate that the breach included credit card info, but we will closely monitor the card we usually use with them. A lot of the information they mention is available on the web anyway, like name, address and often phone numbers. The hacker may have been trying to get at something else, such as holding their system hostage for money. But linking names, emails, phones etc., can be valuable information to fraudsters. Just be extra cautious when receiving emails and, if possible (hard for some people who operate businesses with their phone) but don’t answer calls from anyone not in your contact list.
