Data Breach Hits Over 100 Dutch Hotels via Shared Booking Software
Hospecs, a Dutch hospitality services firm, confirmed a data breach affecting at least 100 Dutch hotels, with reports also coming from Belgium and Ireland. The breach exposed guests' contact details and reservation information, which criminals are using for phishing attacks.
Signal context
First seen: Jun 2, 2026
Last updated: Jun 19, 2026
Status: Public signal
Key points
- Breach confirmed by Hospecs on June 2, 2026.
- Affected at least 100 Dutch hotels, with potential impact on hundreds or thousands of guests.
- Stolen data includes guests' contact details, arrival, and departure dates.
Signal analysis
BetaThis analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.
Sector: Information
Likely country: 🇳🇱 Netherlands
inferred from company domain
Watch phishing, executive impersonation and account-takeover exposure.
- Source type: outside the affected organization
Impact area: Confidentiality
Likely asset: User or customer data
- 3 signals in the same sector
- 22 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Mass data breach on over 100 Dutch hotels hits guests - DutchNews.nlhttps://www.dutchnews.nl/2026/06/mass-data-breach-on-over-100-dutch-hotels-hits-guests/Public source from dutchnews.nl.
Dozens of Dutch hotels affected by data breach - Techzine Globalhttps://www.techzine.eu/news/security/120000/dozens-of-dutch-hotels-affected-by-data-breach/Public source from techzine.eu.
Related signals
Grouped by why the signal is relevant.
Oracle Cloud Authentication Data Breach by 'rose87168'
A threat actor identified as 'rose87168' claimed to have breached Oracle Cloud's federated Single Sign-On (SSO) login servers and exfiltrated approximately 6 million records, impacting over 140,000 tenants. The stolen data reportedly includes Java Key Store (JKS) files, encrypted SSO and LDAP passwords, and Enterprise Manager JPS keys. While Oracle initially denied a breach of its main Oracle Cloud Infrastructure (OCI) platform, it acknowledged a security incident involving two obsolete servers where usernames were accessed. Cybersecurity firms and independent researchers confirmed the validity of some data samples shared by the threat actor. The attacker was active since January 2025 and sought assistance to decrypt stolen data, demanding payments to prevent further exposure. CISA issued guidance on credential risks associated with a potential legacy Oracle cloud compromise.
Marquis Software Solutions Ransomware Attack Exposes 672,000 Individuals
A ransomware attack on fintech firm Marquis led to the theft of sensitive personal and financial data, impacting hundreds of thousands of individuals.
Oracle Affected by FortiBleed Campaign
Oracle was identified as one of over 22,000 corporate domains affected by the FortiBleed campaign. A Russian-speaking criminal group compromised Fortinet firewall and VPN devices globally, exfiltrating credentials and potentially gaining full network access.
Paywall Bypass Vulnerability
Tweakers.net has identified a vulnerability that allows for the bypass of its paywall. This issue is listed as a 'Known issue' within their bug bounty program, indicating that the company is aware of the flaw and is seeking ethical hackers to report findings related to it. A successful bypass could allow unauthorized access to premium content.
Horizon Family Medical Group Data Breach
Reports emerged on June 18, 2026, of a possible data breach at Horizon Family Medical Group, a medical provider in New York's Hudson Valley region. Threat actor Incransom claimed to have stolen 7 TB of data, including medical information such as diagnoses, prescriptions, treatments, and lab results.
Kodak Confirms Breach Amid ShinyHunters Leak Threat
Kodak confirmed a data breach on June 18, 2026, after the ShinyHunters group claimed to have stolen 2.2 million records and threatened to leak them.