
by Lacey Pfalz
Last updated: 9:00 AM ET, Wed April 15, 2026
Booking.com has become the latest travel company to announce a data breach this week, alerting users via email that some threat actors might have accessed booking information associated with reservations, but making it clear that no physical addresses have been leaked.
Booking.com told TravelPulse that “At Booking.com, we are dedicated to the security and data protection of our guests. We recently noticed some suspicious activity involving unauthorized third parties being able to access some of our guests’ booking information. Upon discovering the activity, we took action to contain the issue. We have updated the PIN number for these reservations and informed our guests.”
The online travel agency did not state how many people had been affected by the attack or what types of information were breached, only that the threat actors did not have access to physical addresses and that the OTA “immediately took action to contain the issue.”
Booking.com has seen over 6.8 billion guest arrivals since 2010, according to Forbes, so the potential number of impacted users could be quite high.
Users of the OTA should be on high alert for any messages, emails or phone calls that may be phishing attacks. Always use a known address instead of clicking links in emails, and be highly suspicious of any email that requests personal or financial information.
For the latest travel news, updates and deals, subscribe to the daily TravelPulse newsletter.
Topics From This Article to Explore