I urge any Booking.com customer to immediately change his/her password. According to travel guru Chris Elliott and Kaspersky Security, many of these passwords have been compromised since December and are for sale on the dark web (https://www.kaspersky.com/blog/booking-com-hacked-hotel-accounts-scam-customers/50109/). I received a phishing email from what appeared to be a legitimate Booking email account last week that asked me to follow a link to "re-enter" my payment information. I didn't fall for it and contacted Booking customer service. They told me to change my password. They DID NOT tell me that there had been a security breach and that these passwords are now for sale on the Internet. I have filed a complaint with my state's consumer protection agency to force Booking to come clean. Booking customers deserve an explanation and an apology.
This has been discussed on this forum quite a bit....
https://community.ricksteves.com/travel-forum/general-europe/booking-com-and-hackers
https://community.ricksteves.com/travel-forum/general-europe/fraudulent-booking-com-email
Thanks Frank II. I missed the earlier posts. Please regard this as a reminder--or as a warning to those who missed the earlier warnings.
Thanks for posting this, Thos - I think your thread goes into more detail and certainly should be read by anyone who has booked with the agency. Passwords floating around on the dark web is no little thing.
If you read the article carefully, it is not booking.com’s individual accounts that have been hacked and passwords stolen. The perps broke into the accounts of hotels that used booking.com for reservation services, stole account information for people who booked those hotels through booking.com, and used those credentials to send fake messages, appearing to come from booking.com, to those guests to get their credit card details. That is a very simplified explanation of a complicated scam, so read the article for complete details.
But changing one’s account password from time to time is always a good idea. Which reminds me, I need to change my password here, as got a notification from our security monitoring service that the password I use here has been compromised.
Internet criminals! It used to be that the only people you needed to be concerned about while on vacation were pickpockets.
We've come a long way since the days of that Nigerian Prince who wanted to make me so rich. : (
Here is another travel article explaining that scam and others, and what to watch out for.
Well, this thread encouraged me to change my password anyway. Nothing wrong with that, a password change was probably overdue.