Booking.com Confirms Data Breach Exposing Customer Booking Details
Booking.com Data Breach Exposes Customer Information

Booking.com Confirms Data Breach Exposing Customer Booking Details

Booking.com has officially reported a significant data breach, with customer details being accessed by unauthorized parties. The travel accommodation website issued a statement confirming it noticed suspicious activity involving third parties gaining access to some guests' booking information.

Customer Notifications and Investigation Findings

Some Booking.com customers received an email on Sunday regarding a potential data leak. The company has confirmed that the problem is now under control and that all affected guests have been informed. In the email, Booking.com detailed that the investigation into the leak revealed unauthorized parties may have viewed sensitive booking details.

This includes names, email addresses, physical addresses, phone numbers linked to the booking, and any other information shared with the accommodation. The breach highlights ongoing cybersecurity challenges in the travel industry, where personal data is frequently exchanged.

Wide Pickt banner — collaborative shopping lists app for Telegram, phone mockup with grocery list

Background on Booking.com's Regulatory Issues

This incident follows previous regulatory scrutiny for Booking.com. In November 2025, the Advertising Standards Authority (ASA) ruled that Booking.com, along with Accor, Travelodge, and Hilton, used misleading "from" price claims for hotel rooms. The ASA found these ads overstated the availability of rooms at advertised rates and banned all four companies from such practices.

In Booking.com's case, an ad on May 6 promoted "Places to stay in Sheffield – Best Price Guarantee," with text reading "easyHotel Sheffield City Centre From £28." Booking.com argued that the dates and prices were dynamically chosen by Google from provided data, varying per user search.

Implications and Company Response

The data breach raises concerns about data protection and customer trust in online booking platforms. Booking.com has assured customers that measures are in place to prevent future incidents, but this event underscores the importance of robust security protocols in handling personal information.

As the travel sector continues to digitalize, such breaches serve as a reminder for both companies and consumers to prioritize cybersecurity. Booking.com's swift notification to affected parties is a step toward transparency, but the full impact of the breach remains under assessment.

Pickt after-article banner — collaborative shopping lists app with family illustration