Booking.com confirmed on Monday that unauthorized third parties may have accessed customer data, including names, email addresses, phone numbers, and booking details. The global travel reservation giant notified affected users of the breach during the past week, citing a security incident involving suspicious activity. In a notification message shared by multiple users, the company stated that specific reservation information may have been accessed by hackers. The compromised data also included any personal information users shared directly with the accommodation providers. A user who received the alert reported seeing a phishing message via WhatsApp two weeks prior containing similar details, suggesting the attackers are now using the stolen data to target victims. Courtney Camp, a spokesperson for Booking.com, told TechCrunch that the company identified the unauthorized access and took immediate action to contain the issue. Security measures included updating the PIN numbers for the affected reservations. While the spokesperson declined to specify the number of customers impacted, the company explicitly stated that no financial information or physical addresses were compromised during the incident. This event follows a broader trend of security issues in the travel sector. In 2024, TechCrunch reported that hackers had infected hotel computers with consumer-grade spyware, known as stalkerware. In one documented case, software called pcTattletale captured screenshots of a victim's screen while they were logged into their Booking.com administration portal. Booking.com continues to serve a massive user base, with its website noting that 6.8 billion hotel and home bookings have been made since 2010. The company emphasized its commitment to guest safety but has not released a detailed timeline of the breach or the exact duration of unauthorized access. As the investigation proceeds, users have been advised to remain vigilant against potential phishing attempts using the leaked data.