Booking.com Confirms Phishing Attack, Raising Concerns Over Possible Data Breach

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

On November 12, 2023, reports emerged indicating that Booking.com has confirmed a recent phishing attack. Based on Booking.com’s statements, it appears as though hackers were able to steal consumers’ credit card information. Booking.com is still dealing with the ongoing impact of this incident, and the company’s investigation is ongoing. However, upon completing its investigation, Booking.com will be required to send out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you receive a data breach notification from Booking.com, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following a possible Booking.com data breach. For more information, please see our recent piece on the topic here.

Was Credit Card Information Leaked from Booking.com’s Website?

The Booking.com cyberattack was only recently announced, and more information is expected in the near future. However, several news sources have reported on the incident, and Booking.com has released a limited statement confirming the attack.

According to these sources, the attack began when a hacker pretending to be a traveler sent an email to various hotels. When a hotel employee clicked on a malicious link contained in the email, the hotel’s computer became infected with a virus. Once the virus was active, it allowed hackers to obtain hotels’ IDs and passwords for Booking.com. From there, hackers sent fake emails to travelers pretending to be members of the hotel staff. In these emails, hackers would explain they needed travelers to enter their credit card information into a fake Booking.com site, where hackers were able to obtain travelers’ credit card information.

Booking.com only recently confirmed the phishing attack, and the company is still in the process of investigating the impact of the attack. Once Booking.com completes its investigation, the company will be required under federal law to send out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About Booking.com

Booking.com is a travel-related business based in Amsterdam, Netherlands. Booking.com offers reservations to more than 2.7 million properties, including 400,000 hotels, across the globe. Booking.com also allows owners of motels, apartment units, and resorts to upload their listings. Booking.com is one of the largest online travel agencies and is also routinely one of the most downloaded travel applications. Booking.com employs more than 21,600 people and generates approximately $10 billion in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide