Booking.com has officially acknowledged a phishing attack on November 12, 2023, raising concerns as hackers potentially gained access to consumers’ credit card information. The company is actively dealing with the repercussions, conducting an ongoing investigation into the incident. Following the completion of the investigation, Booking.com will adhere to legal obligations, necessitating the issuance of data breach notification letters to all individuals impacted by the security breach.
Receiving a data breach notification prompts a crucial understanding of the risks and necessary actions. Seeking guidance from a data breach lawyer becomes essential to navigate potential threats of fraud or identity theft, along with exploring legal options in the aftermath of a Booking.com data breach. News reports have shed light on the cyberattack, where a hacker, posing as a traveler, initiated the incident by sending deceptive emails to various hotels.
Upon a hotel employee clicking on a malicious link, their computer was infected with a virus, enabling hackers to obtain hotel IDs and passwords for Booking.com. Subsequently, fake emails were sent to travelers, tricking them into entering credit card details on a fraudulent Booking.com site.
Although Booking.com recently confirmed the phishing attack, more details are anticipated. The investigation is ongoing, and once concluded, the company will comply with federal law, issuing data breach letters to affected individuals. These letters will outline the compromised information belonging to victims. As the situation develops, staying informed through reliable sources is crucial for those potentially impacted by the incident.