BWH Hotels hit by network compromise
Incident
Summary
Hide ▲
Show ▼
BWH Hotels disclosed a guest reservation data intrusion that exposed customer booking and contact details, increasing the risk of scams and phishing. The access began on October 14, 2025 and was discovered on April 22. Attackers reached a web application that housed some reservation records. Payment and other financial information was not stored in the affected system.
Timeline
-
12.05.2026 17:30 1 articles · 15d ago
Threat actors begin access to BWH Hotels reservation web application
Exploitation ObservedThreat actors gained access to a BWH Hotels web application that housed guest reservation data, including names, email addresses, phone numbers, and reservation details, with access beginning on October 14, 2025.
Show sources
- BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months — www.securityweek.com — 12.05.2026 17:30
-
12.05.2026 17:30 2 articles · 15d ago
BWH Hotels discovers intrusion and takes reservation application offline
Initial DisclosureBWH Hotels discovered the intrusion on April 22, took the compromised application offline, and launched an investigation with external security experts; the company said payment and other financial information was not stored in the affected system, and the number of affected guests was unclear.
Show sources
- BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months — www.securityweek.com — 12.05.2026 17:30
- BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months — www.securityweek.com — 12.05.2026 17:30