-
Dutch hospitality services company Hospecs disclosed a breach that exposed guest and reservation data across over 100 hotels in the Netherlands.
-
Criminals are using legitimate booking details to send convincing payment requests to travelers.
-
The source remains a mystery, investigators haven’t found the leak’s origin yet.
A data breach hit more than 100 Dutch Hotels and a lot of customers’ information got exposed to cyber criminals. Scammers are now using the stolen reservation data to fool people who make reservations to hotels.
The Scale of the Data Breach
Hospecs, a Dutch company, is in charge of managing these hotels and a bunch of services in hospitality, confirmed the breach. The managing director, Tim Vissers, spoke of it when he appeared in an interview with NOS, a Dutch broadcaster. He said reports have been steadily increasing.
The scary part? People who’ve stayed at the affected hotels are getting messages prompting them to “verify” and “pay again” for trips they have already sorted. These messages look real and convincing because they contain actual booking details.
Vissers says dozens of these phishing messages go out every single day. The total could reach into the hundreds or even thousands. That’s a lot of travelers getting targeted.
And here’s the kicker. Similar incidents have also popped up in Belgium and Ireland. So this isn’t just a Dutch problem.
Where Did the Leak Come From?
Nobody knows the source yet. And that’s what makes this so tricky.
Vissers told NOS that the leak is likely from somewhere inside the software ecosystem hotels use to process reservations. Modern bookings often pass through multiple systems. They’ll go through property management systems (or PMS for short), then booking engines, channel managers, and central reservation platforms. That’s a lot of moving parts.
Meanwhile, Hospecs has launched an independent investigation. They want to find the scope of this incident. They’re gathering info from hotels that have seen problems since May 25. That means this has been going on for a while.
The company is collecting details on which software each hotel uses. They’re also looking at examples of the phishing messages guests received. Their goal is straightforward. Establish the scale of these breaches. Identify shared systems or common suppliers. Figure out if one single cause ties everything together.
Hospecs noted that similarities may exist in the technologies and integrations used by affected hotels. But they named no specific vendor as the source of the leak.
When commenting on the breach, the hospitality association Koninklijke Horeca Nederland (KHN) noted that the interconnected nature of the hotel booking world these days is a big issue. It makes it really hard to figure out where guest data got intercepted or misused.
KHN also pointed to the complexity of online reservation systems. Their advice is simple: hotels and guests should remain watchful.
The privacy regulator, Autoriteit Persoonsgegevens, said they’re investigating what happened, which actually gives victims a bit of hope. However, until further notice, if you have made arrangements to stay in a hotel in the Netherlands, we advise caution. Confirm the reservation email directly with hotel management before taking any action.
What You Should Do Right Now
If you booked a hotel recently, be aware that scammers will likely send you phishing messages. They have the booking information (which makes it look real) so if you received a message asking you to confirm payment for your trip, you may think it’s legit. Do not trust them.
If you receive an email requesting payment for your hotel reservation, please do NOT click on any links. Never enter your credit card information. Instead, you’ll want to validate the request directly with your hotel (call the front desk, use an email address from the hotel’s legitimate website, not the one in the suspicious email).
For hotels, here’s the basic suggested procedure:
- Collect all items related to the incident (biometrics, transaction info).
- Check all systems that the incident may have affected.
- Determine whether guests will need to be notified.
The investigation is still ongoing; however, until further notice, you should treat all unexpected requests for hotel payments that appear to be real like similar emails. You may be lured in (to click on the link), so be careful.
Cybercrime takes many forms, from phishing scams to dark web activities. Dutch police recently shut down a criminal host used for dark web operations, demonstrating the breadth of their enforcement efforts.
