Booking.com data breach affects South African users
Online travel agency and metasearch engine Booking.com has notified several customers that it has suffered a data breach and that their private data may have been exposed.
Some users in South Africa were also affected. “At Booking.com, we’re dedicated to the security and data protection of our guests,” it stated.
“In that spirit, we’re writing to inform you that unauthorised third parties may have accessed certain booking information associated with your reservation.”
The company said it recently noticed suspicious activity affecting a number of reservations and immediately took action to contain the issue.
“Based on the findings of our investigation to date, accessed information could include booking details, names, emails, addresses, phone numbers, and anything that you may have shared with the property.”
Booking.com said it had changed reservation PINs to keep people’s bookings secure. It also advised customers to take extra precautions.
This included general advice like installing antivirus software and being extra wary of phishing and spearphishing attempts.
Founded in 1996 in Amsterdam, Booking.com has grown from a small Dutch start-up to one of the world’s top digital travel companies.
Booking.com describes itself as a technology company that takes the friction out of travel, connecting millions of travellers to memorable experiences and a variety of transportation options.
In addition to guesthouses and hotels, it also allows private individuals to list their homes or extra apartments on the platform.
“Booking.com enables properties around the world to reach a global audience and grow their businesses,” it stated.
The platform is available in 43 languages and offers more than 28 million accommodation listings, including over 6.6 million homes, apartments, and other unique places to stay.
Booking.com did not state how many people or listings were affected by the breach, or otherwise indicate the scale of the incident.
MyBroadband asked Booking.com how many South African users were affected and whether it would notify the Information Regulator about the breach. It declined to answer our questions.
Instead, it reiterated the information in the notice it sent to guests about changing their booking PINs. “Upon discovering the suspicious activity, we took action to contain the issue,” a spokesperson said.
The Information Regulator receives 284 breach notifications every month. Cybersecurity firm Palo Alto Networks has said that an organisation in South Africa is breached by a threat actor every 3 hours.
South Africa is seeing an unprecedented rise in data breaches, with incidents increasing by 60% in the first half of 2025 alone.
In March 2026, three South African organisations were breached by a new cyber extortion group calling itself XP95. Data from job seekers and students were stolen in the three incidents.
Student bursary provider the Gauteng City Region Academy (GCRA) and Statistics South Africa were the latest victims, following a successful attack on the Gauteng Provincial Government.
Loading ...