Security News > 2021 > April > Too slow! Booking.com fined for not reporting data breach fast enough
The Dutch Data Protection Authority - the country's data protection regulator - has fined online travel and hotel booking company Booking.com almost half a million Euros over a data breach.
The Dutch Data Protection Authority has imposed a €475,000 fine on Booking.com because the company took too long to report a data breach to the DPA. When the breach occurred, criminals obtained the personal data of over 4,000 customers.
With these purloined logins, the crooks retrieved data about 4109 customers' bookings, including at least those customers' names, addresses and phone numbers.
The crooks also got hold of credit card data from 283 of those bookings, including 97 bookings where the CVV had been recorded as well.
December 2018: Data breach started 13 January 2019: Booking.com became aware of the leak.
It's not admitting guilt or a sign of incompetence to make plans in case of a data breach, because won't have time to plan afterwards! Even the DPA admits that "a data breach can occur anywhere, even if you have good precautionary measures in place. But in order to prevent harm to customers and future attacks, you have to report a breach on time." Make sure you know what you need to do, just in case.
News URL
Related news
- Toyota confirms third-party data breach impacting customers (source)
- National Public Data Breach: Only 134 Million Unique Emails Leaked and Company Acknowledges Incident (source)
- CannonDesign confirms Avos Locker ransomware data breach (source)
- Patelco notifies 726,000 customers of ransomware data breach (source)
- Nearly 1/3 of Companies Suffered a SaaS Data Breach in Last Year (source)
- Park’N Fly notifies 1 million customers of data breach (source)
- GDPR Data Breach Notification Letter (Free Download) (source)
- Business services giant CBIZ discloses customer data breach (source)
- A third of organizations suffered a SaaS data breach this year (source)
- Car rental giant Avis discloses data breach impacting customers (source)