Security · 1h ago
Booking.com Breach Exposes Customer Data via Third-Party Vendor
Booking.com confirmed unauthorized third-party access to customer reservation data, including names, addresses, and phone numbers. The core platform was not compromised; the breach originated from a vendor in the booking workflow. The incident highlights the growing risk of vendor-chain attacks in SaaS ecosystems.
Meridian48 take
The breach is less about Booking.com's security and more a reminder that vendor-chain attacks remain an under-tested vulnerability across the industry.
Read the full reporting
Booking.com Breach: When the Vendor Chain Becomes the Attack Surface →
DEV Community
vendor-chain-attackdata-breach