Latest News About Booking.com Data Breach

Here’s the latest on Booking.com data breach, based on recent reports.

• What happened: Booking.com disclosed unauthorized access to customer reservation data, including names, email addresses, phone numbers, physical addresses, and booking details. They stated that financial information (like credit card numbers) was not accessed.[2][3][6]
• When it occurred: The incident was detected in mid-April 2026, with notifications going out to affected users starting around April 12–14, 2026.[4][5][2]
• Response and risk: Booking.com reset PINs for impacted reservations and advised customers of potential phishing and “reservation hijacking” scams. They indicated they took action to contain the issue but have not publicly disclosed the exact number of affected users.[6][8][2]
• Public background and follow-ups: Coverage from multiple outlets notes the breach potentially enables scammers to impersonate hotels and request payments, emphasizing travel data security risks.[7][8][4]
• What travelers should do: If you booked via Booking.com, monitor communications from the platform, consider changing passwords, enable 2FA where available, be vigilant for phishing attempts, and check any bank or card activity for unusual charges. If you receive unexpected contact requesting payments, verify through official Booking.com channels.[2][6][7]

Illustrative caution: phishing waves have surged in some reports following the breach, with scammers leveraging the exposed booking context. Stay wary of messages asking you to click links or provide sensitive data pretending to be Booking.com or hotels.[6][7]

If you want, I can pull a focused summary from the most authoritative sources and provide a short actions checklist tailored to your Booking.com activity.[2][6]