TL;DR: I made a confirmed booking.com reservation. Shortly after, my booking details were used in a WhatsApp scam attempt, likely due to a compromised hotel account. I reported it, the hotel then canceled my reservation, and booking.com offered alternatives but refused to cover price differences. The whole experience left me questioning how data security issues and customer responsibility are handled.
What happened
I’m writing this to document a frustrating experience with a booking.com reservation, not as a rant, but as a straightforward account of events that raised serious questions about data security and how customers are treated when things go wrong.
The booking
I made a reservation on booking.com and received the usual confirmation. Everything looked normal. As far as I was concerned, the booking was valid and confirmed.
Shortly after, I received a message through the official booking.com messaging system. Again, nothing unusual at that stage.
Where things went wrong
Soon after that, I was contacted on WhatsApp by a phone number from the UAE. The person on the other end knew all the details of my reservation and asked me to provide credit card information for “validation.” That was an obvious scam (thx .
The worrying part wasn’t just the scam attempt itself, but the fact that whoever contacted me clearly had access to my booking details. That information could only have come from the property’s Booking.com partner account or from within the Booking.com ecosystem.
Dealing with booking.com
I reported the issue to booking.com. At first, I was told there was no indication that my data had been exposed through their platform. Later on, booking.com acknowledged that the property had contacted me through the platform and then redirected the conversation to WhatsApp, and that the case had been escalated internally for investigation.
What never came, however, was clarity. There was no concrete timeline for the investigation, even though timing and transparency are key when personal data might be involved.
The cancellation
Not long after, my reservation was canceled by booking.com. I didn’t ask for the cancellation, and no clear reason was given.
Booking.com offered a list of alternative hotels, but made it clear they wouldn’t cover any price differences. In other words, a confirmed booking was canceled due to issues I had no control over, and the inconvenience and extra cost were left to me.
Why this doesn’t sit right
From a customer’s point of view, a confirmed reservation should actually mean something. If a booking falls apart because of a security issue at the property, the customer shouldn’t end up worse off.
From a data protection angle, having your booking details used in a targeted fraud attempt is not a minor issue. It creates stress and uncertainty, and it deserves clear answers.
Why I’m sharing this
I’m sharing this experience because platforms like booking.com play a huge role in modern travel, and with that comes responsibility. When problems happen, customers deserve straightforward communication and fair handling, not vague reassurances and a quiet shift of the burden.
This post sticks to the facts. I’ll let readers draw their own conclusions. If nothing else, I hope it encourages people to stay alert and pushes platforms to handle situations like this better in the future.
Next steps
For now, I’m documenting everything and keeping all communication in writing. My next steps include:
- Following up formally with booking.com on both the cancellation and the data security aspect
- Submitting a complaint to the Romanian data protection authority (ANSPDCP) regarding the potential personal data breach
- Assessing my options under consumer protection rules for a canceled confirmed reservation
I’ll update this post if there are any meaningful developments.
