Booking.com has confirmed a data breach that may have exposed sensitive booking information belonging to customers, including some users in South Africa.
The travel platform said unauthorised third parties may have accessed reservation-related data, including names, email addresses, phone numbers, physical addresses and booking details.
The company has not disclosed the scale of the breach or the number of South African users affected.
However, it confirmed that reservation PINs linked to impacted bookings were reset as part of its immediate response.
Rising phishing concerns
Cybersecurity experts warn that exposed booking data can be used for highly targeted phishing scams.
Attackers may impersonate hotel staff or Booking.com support teams, using genuine reservation details to pressure users into making payments or revealing card information.
South Africa’s growing cybercrime problem
The incident comes as South Africa continues to face a steep rise in cyberattacks and data breaches.
Local regulators receive hundreds of breach notifications every month, with attacks increasingly affecting both government and private-sector organisations.
Source: Booking.com, MyBroadband, TechCrunch, The Guardian
