Booking.com Breach: How Stolen Reservations Fuel ‘Reservation Hijacking’ Scams

In April 2026, Booking.com disclosed that unauthorized parties had accessed customer booking information, exposing names, contact details, addresses, and reservation specifics for an undisclosed number of travelers. The breach, likely stemming from compromised hotel partner accounts, has triggered a wave of sophisticated scams where fraudsters impersonate hotels to demand payments or steal bookings. This episode examines the incident’s mechanics, immediate fallout, and broader lessons for traveler cybersecurity in an era of supply-chain vulnerabilities.