Booking.com Confirms Data Leak Exposing Customer Booking Information
Booking.com confirmed a data leak where 'unauthorized third parties' gained access to customer booking details. The company stated the issue has been resolved and affected guests have been informed. The extent of the leak and the exact timing of the attack were not fully disclosed, but the confirmation came on April 12, 2026.
Signal context
First seen: Apr 12, 2026
Last updated: Jul 3, 2026
Status: Public signal
Key points
- Unauthorized third parties accessed customer booking information.
- Exposed data includes names, email addresses, physical addresses, and phone numbers.
- Booking.com confirmed the incident on April 12, 2026.
Signal analysis
BetaIt helps compare this signal with other published signals without treating the labels as final determinations.
Likely country: 🇳🇱 Netherlands
inferred from source domains
Watch process controls, misconfiguration and accidental disclosure paths.
- Source type: outside the affected organization
Impact area: Confidentiality
Likely asset: User or customer data
- 1 signal in the same sector
- 88 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Data Breach Roundup (Apr 10-16, 2026) - Privacy Guideshttps://www.privacyguides.org/news/2026/04/17/data-breach-roundup-apr-10-16-2026/Public source from privacyguides.org.
Cyber News Roundup – April 17th 2026 - Integrity360https://www.integrity360.com/cyber-news-roundup-april-17th-2026Public source from integrity360.com.
New Booking.com data breach forces reservation PIN resets - BleepingComputerhttps://www.bleepingcomputer.com/news/security/new-bookingcom-data-breach-forces-reservation-pin-resets/Public source from bleepingcomputer.com.
Booking.com Says Hackers Accessed User Information - SecurityWeekhttps://www.securityweek.com/booking-com-says-hackers-accessed-user-information/Public source from securityweek.com.
Daily Breach Intelligence 13 April 2026 - Booking.com data breach; Rockstar Games supply chain hack; Adobe Acrobat zero-day & more - All Articles - CISO Platformhttps://cisoplatform.com/articles/daily-breach-intelligence-13-april-2026-booking-com-data-breach-rockstar-games-supply-chain-hack-adobe-acrobat-zero-day-morePublic source from cisoplatform.com.
April 2026 Data Breaches: 15+ Major Incidents & Latest Updates - SharkStrikerhttps://sharkstriker.com/blog/april-2026-data-breaches/Public source from sharkstriker.com.
Booking.com-Datenleck 2026 - Vorsicht vor Reservierungs-Hijacks und gezielten Angriffen.https://tuta.com/de/blog/booking-com-hacked-user-data-exposedPublic source from tuta.com.
Data Breach Tracker 2026: Latest Breaches and Settlements - Redfox Cybersecurityhttps://www.redfoxsec.com/blog/data-breach-tracker-2026-latest-breaches-settlementsPublic source from redfoxsec.com.
10 Data Breaches to Know About (April 2026) - Security Magazinehttps://www.securitymagazine.com/articles/102282-10-data-breaches-to-know-about-april-2026Public source from securitymagazine.com.
Booking.com Confirms Data Breach, Reservation PIN Codes Changed - Forbeshttps://www.forbes.com/sites/daveywinder/2026/04/14/bookingcom-confirms-data-breach-reservation-pin-codes-changed/Public source from forbes.com.
Booking.com data breach: Customer reservation data exposed - Help Net Securityhttps://www.helpnetsecurity.com/2026/04/14/booking-com-data-breach-customer-reservation-data-exposed/Public source from helpnetsecurity.com.
Booking.com Suffers Data Breach, Warns Customers of Exposed Informationhttps://techjacksolutions.com/scc-intel/booking-com-suffers-data-breach-warns-customers-of-exposed-information/Public source from techjacksolutions.com.
Booking.com bevestigt datalek, is spaarzaam met details - Techzine.nlhttps://www.techzine.nl/nieuws/security/576967/booking-com-bevestigt-datalek-is-spaarzaam-met-details/Public source from techzine.nl.
Datalek Advies – Bescherm jezelf na de grote datalekken van 2026https://datalekadvies.nl/Public source from datalekadvies.nl.
Booking.com datalek 2026 - Privacy en beveiliging - GoT - Gathering of Tweakershttps://gathering.tweakers.net/forum/list_messages/2332770Public source from gathering.tweakers.net.
Related signals
Grouped by why the signal is relevant.
Peter Thiel's Dialog Society Data Leak Exposes Senior US Officials
A data exposure at Dialog, a private events group co-founded by Peter Thiel, unmasked personal information and login tokens for US and allied national security figures. The incident, which Dialog internally classified as a cyberattack but evidence suggests was a website misconfiguration, exposed private details of 222 registrants for its 2026 retreat, including names, private contact details, active login tokens, and internal ratings.
Whise.eu (European Real Estate CRM) Data Leak by ChimeraZ
The threat actor ChimeraZ claimed to have leaked a database from Whise, a Belgian CRM system for the real estate sector, on the dark web on June 23, 2026. The leaked data reportedly consists of 40.85 million records, approximately 15.8 GB of JSON files. Whise is a market leader in Belgium and also active in France.
Vienna Airport Targeted in APT73/Bashe Ransomware Attack
The ransomware group APT73/Bashe claimed responsibility for a cyberattack against Vienna Airport (Flughafen Wien AG) on June 23, 2026, threatening to leak sensitive data. The airport acknowledged a limited leakage of old cargo-related files from one email inbox but denied a broader system compromise.
Meta Pauses AI Employee Monitoring Program After Internal Data Leak
Meta temporarily paused its internal AI training program, the Model Capability Initiative (MCI), on June 22, 2026, following a security incident that exposed sensitive employee data to broader internal access than intended. The program, launched in April 2026, collected data on employees' work activities, including keystrokes, mouse movements, conversations, transcripts, and performance-related information, to train AI models. The leak reportedly exposed private employee conversations, performance data, and transcriptions. Meta classified the incident as a SEV 2 and is investigating, stating that privacy safeguards were in place and no external breaches were indicated.
ShinyHunters Threatens to Leak 8.8 TB of One Medical Seniors Patient Data by June 22 Deadline
Amazon-owned primary care provider One Medical faced a data extortion threat from the ShinyHunters group, which claimed to have stolen 8.8 terabytes of data from One Medical Seniors (formerly Iora Health) and threatened to leak it by June 22, 2026, if a ransom was not paid. One Medical had previously disclosed a cybersecurity incident on June 17, 2026, involving unauthorized access to a third-party file storage system containing archived patient information for One Medical Seniors. The unauthorized access occurred between June 8 and June 11, 2026. The potentially compromised information includes demographic and clinical records for some patients.
Kee Wah Bakery Hit by Ransomware Attack, Data Leak Fears Emerge
Hong Kong's famous Kee Wah Bakery revealed on June 22, 2026, that it was hit by a ransomware attack on its internal network. The incident, which caused network malfunctions last Friday (June 19), targeted systems containing employees' personal data, as well as information related to business partners, online store customers, and mobile app members. While the company could not confirm if data was extracted, it has engaged cybersecurity experts, notified the Office of the Privacy Commissioner for Personal Data and police on Sunday (June 21), and is contacting affected parties as a precautionary measure. No customer payment or credit card information was involved.
