Hotel site Booking hid major hack tied to U.S. espionage: report

An American hacker with ties to United States intelligence services broke into hotel site Booking.com's systems in early 2016, NRC reports. The hacker stole details of thousands of hotel reservations in the Middle East.

The Amsterdam-based hotel booking site asked Dutch intelligence service AIVD for help investigating the data theft, but affected customers and the Dutch Data Protection Authority (AP) were not informed, according to the newspaper.

Booking.com said in a response that it was not obliged to report the data breach to AP or customers.

The privacy law that applied in 2016 stated that those involved in a data breach have to be informed if it "likely had adverse consequences" for them. It seems that Booking.com assumed the breach had no negative consequences for its customers. But that is not automatically true, experts said to NRC.

The site eventually identified the hacker. According to NRC, he worked for a company that carried out assignments for an American intelligence service.