Booking.com warns reservation data may have checked out with ...
AllSec.sh — a real-time aggregator of cybersecurity news, vulnerability disclosures, and security research from across the web.
allsec.shHere’s what the latest reporting indicates about Booking.com being hacked.
- Multiple outlets in mid-April 2026 reported a security incident where unauthorized parties accessed certain guest booking data, including names, email addresses, phone numbers, and booking details. Booking.com stated that payment data was not affected.[2][3][4]
- The company notified affected customers by email and said it had taken steps such as updating or resetting PINs associated with bookings to limit further risk. However, exact numbers of affected users were not disclosed.[3][2]
- Coverage notes that attackers used the stolen data for targeted phishing and fraud campaigns, including messages that reference specific bookings. The risk is described as ongoing until defenses and user awareness catch up.[4][3]
- Reports from tech news aggregators and security-focused outlets highlighted a broader risk to travelers, with warnings about vigilant verification of communications and avoiding links in unsolicited messages.[5][6]
If you want, I can compile a brief on how to protect yourself now (e.g., monitor for phishing; enable any available two-factor options; review recent bookings; update passwords) and provide a checklist for detecting and reporting suspicious activity. Would you like that?
Citations: Booking.com data breach coverage and details are reported by SZ (Süddeutsche Zeitung) and other outlets, e.g.,, with follow-up risk guidance in.[2][3][4]