Booking.com has recently experienced a data breach, with customers being contacted via email about “unauthorized third parties” being potentially able to access their booking information.
Reportedly, the breach affected a number of reservations, although Booking.com has not shared how many customers were affected by it.
RELATED:
Booking.com Data Breach
According to an email one X user received, Booking.com wrote that “unauthorized third parties may have been able to access certain booking information associated with your past or upcoming reservation(s).”
“Based on the findings of our investigation to date, accessed information could include booking details and name(s), email address(es) and phone number(s) associated with the booking and anything that you may have shared with the accommodation,” continued the email. Notably, Booking.com said that financial information was not accessed from their systems.
Websites will force you to give your email and phone number, leak them and (optionally) send an email to inform you about the breach. @bookingcom pic.twitter.com/CPEslxSEfD
— Prabal Banerjee (@prabalbanerjee) April 14, 2026
Since the breach, Booking.com says it has updated Pins for reservations, and has sent out emails to affected customers like the one pictured above. As one of the largest travel services in the world, Booking.com has seen nearly seven billion check-ins since 2010.
Data breaches like these ones can lead to what experts call “reservation hijacks.” These are scams that attempt to trick customers by pretending to be a hotel so that victims will send the scammers money, with the victims under the impression that the money is being used to solve a false reservation issue.
“Booking.com will never ask guests to share credit card details by email, over the phone, Whatsapp or text, or ask guests to make a bank transfer that is different from the payment policy details in their booking confirmation,” said Booking.com.
