
Whistleblower reveals how fraud of Booking.com worked - known
http://m.bbc.com/news/business-30555620
======
alexivanovs
I agree, does this mean that they were able to successfully gain access to the
Booking.com database to get those details, or was she just putting those
claims out there for no apparent reason?

~~~
weinzierl
The article reads to me like hinting as much as possible into the direction of
Booking.com being hacked without risking a libel suit. The only thing that
doesn't fit into the picture is the last but one sentence:

    
    
       A spokesperson for Booking.com told Money Box the firm 
       is working with police on how to prevent future phishing 
       attacks.
    

Who was the victim of a phishing attack here? Booking.com or their customers?

~~~
throwaway2600
I suspect both: phish the hotel for login details to their admin interface for
booking.com, then use those details to phish the customers.

------
uladzislau
"Booking.com has estimated that about 10,000 people were affected."

I'm wondering why Booking.com allowed this happening on such a scale - they
probably got tons of customer complaints to react upon?

~~~
detaro
What should they have done when to stop it?

Complaints might be delayed by weeks (if customers only notice the problem on
check-in) and unless it is an easy to find leak on their end, investigating
what is going on will take time as well. If the hotels got hacked or phished
instead of Booking.com, they are not even directly involved.

