BWH Hotels Warns Guests After Cybercriminals Access Reservation Data
BWH Hotels, the parent company of Best Western, WorldHotels, and Sure Hotels, has notified customers of a significant data breach involving unauthorized access to guest reservation information. The intrusion was detected on April 22, 2026, but compromised data dates back to October 14, 2025, covering a six-month period. According to BWH Hotels CTO Bill Ryan, the attack targeted a specific web application housing reservation details. Exposed information includes names, email addresses, telephone numbers, home addresses, reservation numbers, stay dates, and special requests. The company confirmed that no payment or banking details were involved in the breach. In response, BWH Hotels took the affected application offline, revoked unauthorized access, and engaged external cybersecurity experts to strengthen safeguards. Customers are urged to remain vigilant against potential phishing attempts, such as suspicious emails, texts, or calls requesting payment or verification codes. The incident highlights ongoing cybersecurity challenges in the hospitality sector, with similar breaches reported recently at other major hotel booking platforms. BWH Hotels advised guests to navigate directly to official sites rather than clicking links in unexpected communications.
Wire timeline
BWH Hotels Warns Guests After Cybercriminals Access Reservation Data
BWH Hotels, the parent company of Best Western, WorldHotels, and Sure Hotels, has notified customers of a significant data breach involving unauthorized access to guest reservation information. The intrusion was detected on April 22, 2026, but compromised data dates back to October 14, 2025, covering a six-month period. According to BWH Hotels CTO Bill Ryan, the attack targeted a specific web application housing reservation details. Exposed information includes names, email addresses, telephone numbers, home addresses, reservation numbers, stay dates, and special requests. The company confirmed that no payment or banking details were involved in the breach. In response, BWH Hotels took the affected application offline, revoked unauthorized access, and engaged external cybersecurity experts to strengthen safeguards. Customers are urged to remain vigilant against potential phishing attempts, such as suspicious emails, texts, or calls requesting payment or verification codes. The incident highlights ongoing cybersecurity challenges in the hospitality sector, with similar breaches reported recently at other major hotel booking platforms. BWH Hotels advised guests to navigate directly to official sites rather than clicking links in unexpected communications.
www.theregister.com - Articles