Travelers who use Booking.com have started getting notices that strangers may have looked at their private information without permission. This situation has sparked fresh worries about how well big travel websites keep customer records protected.
The platform runs more than 28 million property listings spread across the globe. It helps people connect with hotels, apartments, and other lodging options in hundreds of countries while also arranging flights, car rentals, and fun activities for trips.
Those who received the overnight email learned that details such as their booking records, full names, email addresses, home or travel locations, phone numbers, and any messages sent to the property owner could have been viewed.
The company message explained that its team had spotted odd activity linked to some reservations and acted right away to stop the problem from spreading further.
Protecting every customer’s personal details remains the company’s biggest focus. Teams will keep improving the strong safety steps already in use and bring in extra layers to keep all future bookings safe.
To make sure reservations stay protected, the firm has changed the special PIN codes that unlock each booking.
Customers also received advice to step up their own defenses by adding good antivirus tools and staying watchful for common tricks where fraudsters pretend to be trusted companies in order to grab money or secret facts.
A spokesperson for Booking.com later issued a clear statement confirming that no banking or payment details had ever left the company’s own secure systems.
Right now, no one knows exactly how many people were caught up in the incident.
This alert arrives at a time when the travel company is already facing heavier criticism because of a sharp jump in reports about lost money and ruined stays. The wider tourism industry also feels unsteady because of the ongoing war involving Iran.
Incidents where scammers target Booking.com users have grown more common lately. One example is Steve Atkin, who lives in Port Macquarie on the mid-north coast of New South Wales and became one of the many victims.
Steve felt confused and angry after a phone call from someone pretending to work for Booking.com ended with cash disappearing from his bank account and heading overseas.
The problem began when he reserved a place in Bali back in December. After spotting issues with the property, he moved to another hotel and asked the platform for a refund.
A few days later, a caller who claimed to be a customer-service agent from Booking.com phoned him about that refund request.
The person on the line asked for Steve’s card information. Steve answered that any real staff member from the company would already have those details saved.
When he checked his bank statement afterward, he saw that one hundred dollars had been taken out.
Steve reached out to Booking.com himself soon after. The company told him the caller had never been employed there and had no right to speak or act for them.
Even though Steve never shared his credit card numbers and had made the original booking through the official website, he still cannot figure out how the scammer learned about the refund or managed to take the money.
Booking.com eventually gave him back both the stolen amount and the cost of his stay, but the whole process took nearly two months.
Steve called the experience an extremely stressful ordeal that felt like a total nightmare from start to finish.
Booking.com serves as the flagship brand for one of the biggest online travel groups in the world.
Its parent company, Booking Holdings, brought in more than 38 billion dollars in revenue during the previous year and also owns other popular travel names such as Agoda, Kayak, and Priceline.
Within Australia, Booking.com stands as the top choice among online travel sites and handles more than 30 percent of all bookings made through such agents, according to the newest industry report from IbisWorld.
Official records collected by the ABC reveal that state and territory consumer agencies received 842 complaints about Booking.com across the past two years.
The true total is likely much larger because Victoria, Western Australia, and the Northern Territory do not release figures for complaints aimed at specific businesses.
The National Anti-Scam Centre reports that phishing scams took more than 31 million dollars from victims in the past year. Over 65,000 separate scams reached Scamwatch in 2025, and the majority of people who lost money were aged 65 or older.
Booking.com has reminded its customers to watch out for suspicious emails and phone calls that could come from criminals pretending to represent the company or the actual property owners.
The firm stressed that it would never request credit card numbers over the phone, by text message, through WhatsApp, or ask anyone to send money to a different bank account than the one listed in the original booking confirmation.
Other Stories You May Like