TravelAwaits

Our mission is to serve the 50+ traveler who's ready to cross a few items off their bucket list.

News and TipsTravel News

Inside the Booking.com Data Breach—Should You Be Worried?

Tay Belgeri
Apr.20.2026
POLAND - 2025/11/26: In this photo illustration, a silhouetted individual is seen holding a mobile phone with a Booking.com logo displayed in the background. (Photo Illustration by Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images)
  • News and Tips
  • Travel News
    • Tay Belgeri
    Apr.20.2026

    Booking.com is one of several platforms to have recently suffered a cyberattack called a ‘reservation hijack’.

    Videos by TravelAwaits

    The incident occurred on April 13, 2026, when hackers were able to gain access to information on Booking.com users. The goal is to use this information on users, including personal data, and their history of bookings on the platform. This has been dubbed ‘reservation hijacking’ by cybersecurity groups.    

    That’s because scammers pretend to be working for Booking.com, sending follow-up emails to users to trick them into sending more money.

    Here’s what you need to know about the recent Booking.com hack, along with what to look for if you receive an email you think could be a form of reservation hijacking.

    A closer look at the Booking.com breach and reservation hijacking

    Currently, Booking.com has yet to release an official statement about the hack, including how many of its users have been affected. However, according to an email released by Booking.com to affected users, the hackers did not gain access to financial data.

    According to the BBC, some customers received a warning from the company, which stated that hackers were able to access information like names, emails, addresses, phone numbers, and previous bookings. In the same email, Booking.com says that the company took immediate action to ‘contain the issue’.

    This type of reservation hijacking looks identical to other phishing scams, in which customers are sent an email that looks legitimate and are asked to re-enter financial data or cover another fee.

    According to Booking.com in a subsequent statement, “Booking.com will never ask guests to share credit card details by email, over the phone, Whatsapp or text, or ask guests to make a bank transfer that is different from the payment policy details in their booking confirmation.”

    So, what should you look out for? And how can you prevent phishing from reservation hijacking?

    If you receive an email asking you to submit additional financial information, redo a reservation you already booked, or cover a missed fee, think twice. As stated above, Booking.com will never ask you to complete these types of financial transactions in an email.

    If you aren’t sure whether or not you’re being phished via email, you have a few options. First, don’t click on any links in the article—they could be fake links or lead to sites with malware. Second, log in to your Booking.com account and double-check if you still owe anything—you should see any pending payments directly on the website.

  • News and Tips
  • Travel News
    • Image of Tay Belgeri Tay Belgeri View Full Profile

      Tay Belgeri is a writer and traveler from the Heartland who now lives in the Mediterranean. She has almost two decades of international travel, learning, and immigration experience under her belt. She also has a Bachelor of Arts degree in Global Studies—yes, it’s a thing. With Travel Awaits, Tay is demystifying the act of travel for fellow Americans by covering her favorite adventures, latest bucket-list experiences, and lessons she learned the hard way. She focuses on the little details that make trips easier to plan and more magical to experience. During her career, Tay has been published on AP News, Ranker, MSN, and other major publications. But don’t think of her as a travel writer—she’s a traveler and a writer. Travel is her nature; writing is her trade.