Unauthorized access to Booking.com reservation data triggers PIN resets and phishing risk
Summary
Hide ▲
Show ▼
Unauthorized parties gained access to reservation data on Booking.com, a major global online travel platform, prompting forced PIN resets and direct email notifications to impacted users. Compromised data includes full names, email addresses, postal addresses, phone numbers, and communications with property providers. Booking.com has not disclosed the total number of affected users but states all impacted individuals are being notified directly. The incident raises concerns about targeted phishing campaigns leveraging exposed reservation details.
Timeline
-
13.04.2026 20:30 1 articles · 2h ago
Booking.com reservation data exposed in unauthorized access, triggering PIN resets and phishing warnings
Booking.com disclosed unauthorized access to reservation data, prompting forced PIN resets and direct email notifications to impacted users. Exposed data includes full names, contact details, and communications with properties. Users report targeted phishing attempts referencing reservation information, indicating active exploitation of leaked data. The company has not disclosed the number of affected users or the attack vector.
Show sources
- New Booking.com data breach forces reservation PIN resets — www.bleepingcomputer.com — 13.04.2026 20:30
Information Snippets
-
Booking.com confirmed unauthorized third-party access to reservation data, triggering immediate PIN resets for all affected reservations (past and present).
First reported: 13.04.2026 20:301 source, 1 articleShow sources
- New Booking.com data breach forces reservation PIN resets — www.bleepingcomputer.com — 13.04.2026 20:30
-
Affected data types include full names, email addresses, postal addresses, phone numbers, and communications shared between users and property providers.
First reported: 13.04.2026 20:301 source, 1 articleShow sources
- New Booking.com data breach forces reservation PIN resets — www.bleepingcomputer.com — 13.04.2026 20:30
-
Booking.com sent direct email notifications from [email protected] to impacted users, including updated reservation PINs and warnings about potential phishing attempts.
First reported: 13.04.2026 20:301 source, 1 articleShow sources
- New Booking.com data breach forces reservation PIN resets — www.bleepingcomputer.com — 13.04.2026 20:30
-
Users reported receiving suspicious emails and calls referencing reservation details, suggesting exploitation of leaked data for social engineering attacks.
First reported: 13.04.2026 20:301 source, 1 articleShow sources
- New Booking.com data breach forces reservation PIN resets — www.bleepingcomputer.com — 13.04.2026 20:30
-
Booking.com operates as a global travel intermediary, handling hundreds of millions of bookings annually across accommodation, flights, car rentals, and travel experiences.
First reported: 13.04.2026 20:301 source, 1 articleShow sources
- New Booking.com data breach forces reservation PIN resets — www.bleepingcomputer.com — 13.04.2026 20:30
-
The company did not disclose the scale of the breach or the attack vector used to gain unauthorized access.
First reported: 13.04.2026 20:301 source, 1 articleShow sources
- New Booking.com data breach forces reservation PIN resets — www.bleepingcomputer.com — 13.04.2026 20:30