Booking.com was under tightened supervision for a year due to several data leaks
Booking.com was under tightened supervision by the Dutch Data Protection Authority (AP) last year due to the Dutch hotel booking site reporting data leaks later than they were supposed to, according to AP. The watchdog, who issued Booking.com a fine of 475,000 euros three years ago, added that the company is currently following the rules and that the tightened supervision ended at the start of this year.
The AP reported that they monitored Booking.com for a year beginning in January 2023 to ensure that the company reports data leaks on time to the relevant authorities and victims.
The watchdog said that Booking had to inform the AP on the measures the company implemented to ensure that they report data leaks in a timely manner and what the company is doing to prevent such incidents in the future. The watchdog also checked whether Booking.com was reporting all the data leaks.
Booking.com was issued a fine in March 2021 because the company was late reporting that user data was stolen because of a data leak in December 2018.
Cybercriminals had access to the names, addresses, and phone numbers of more than 4,000 people. They also had the credit card details of 300 people who had booked a hotel room via the website.
Booking.com discovered the leak in January 2019 and should have reported it within 72 hours but they actually disclosed it weeks later.
The hotel booking site was also late in reporting data leaks on several occasions in 2022, according to a spokesperson for AP. The watchdog had Booking under tightened supervision due to these missteps and the fine.
The company was ordered to enact more security measures by AP, the spokesperson added.
Cybercriminals attacked Booking again in 2023, the AP reported. This resulted in guests being duped by hackers who hijacked the accounts of accommodation providers, the watchdog added.
Fraudsters allegedly asked guests to pay for hotel rooms again, telling them the first payment had not gone through. The spokesperson would not answer any questions regarding the data leaks.
The privacy and safety of personal data is a "top priority" at Booking.com, a company spokesperson said. The booking site wants to adhere to the "strict" privacy laws and has therefore promised to make considerable investment into protecting data and improving their response time to data leaks.
Reporting by ANP