South African travellers are among a global group of users currently being notified by Booking.com regarding a security breach that may have exposed sensitive personal information.
The popular reservation platform began reaching out to customers via email this week, confirming that ‘unauthorised third parties’ gained access to specific booking data. While the company stated it took immediate action to contain the suspicious activity, the scope of the exposed data has raised concerns regarding potential follow-up scams.
What information was exposed?
According to the official correspondence sent to affected South Africans, the information accessed by these third parties is comprehensive. Based on the findings of the investigation so far, the compromised data includes:
Personal Identity: Full names and contact details (emails, physical addresses, and phone numbers).
Booking Logistics: Specific reservation details and history.
Private Correspondence: Any additional information or special requests shared directly with the accommodation via the platform.
In an effort to secure existing accounts, Booking.com has confirmed it has already issued updated PIN numbers to affected users to prevent further unauthorized access to active bookings.
The primary concern now shifts from the breach itself to the risk of phishing attacks. Booking.com warned that hackers may use the stolen data to pose as hotel staff or customer service representatives.
“If you have received suspicious emails or phone calls, these could be from malicious actors pretending to represent the accommodation or Booking.com,” the company cautioned in its statement.
To help customers distinguish between legitimate communication and fraudulent attempts, the travel giant outlined several strict “never” policies:
No Credit Card Requests: The company will never ask for credit card details over the phone, email, text, or WhatsApp.
No Alternative Bank Transfers: They will never request a bank transfer that deviates from the specific payment policy listed in your original booking confirmation.
As the investigation continues, the platform is urging all users – not just those who received the alert – to remain hyper-vigilant. Customers are advised to scrutinize any communication regarding their travel plans and to avoid clicking on links within emails that seem even slightly suspicious.
