Booking.com confirms phishing attack, raising concerns over possible data breach

The OTA is still dealing with the ongoing impact of this incident, and the company’s investigation is ongoing

Nov 14, 2023

On November 12, 2023, reports emerged indicating that Booking.com has confirmed a recent phishing attack. Based on the company's statements, it appears as though hackers were able to steal consumers’ credit card information.

Key takeaways

  • According to these sources, the attack began when a hacker pretending to be a traveler sent an email to various hotels. When a hotel employee clicked on a malicious link contained in the email, the hotel’s computer became infected with a virus;
  • Once the virus was active, it allowed hackers to obtain hotels’ IDs and passwords for Booking.com. From there, hackers sent fake emails to travelers pretending to be members of the hotel staff;
  • In these emails, hackers would explain they needed travelers to enter their credit card information into a fake Booking.com site, where hackers were able to obtain travelers’ credit card information.

Get the full story at JD Supra

Related must-reads