Best Western Hotels, operating thousands of properties worldwide, has revealed a cyberattack resulting in the theft of sensitive customer reservation data collected between October 2025 and April 2026. While no payment information was compromised, customers are warned to remain alert for phishing attempts.
- Attack detected on April 22, 2026; web app flaw exploited
- Data extracted includes personal and reservation details, excluding payment info
- Best Western urges vigilance against potential phishing scams
What happened
Best Western Hotels experienced a cyber incident that exposed sensitive customer data through a flaw in a web application managing guest reservations. The breach was discovered on April 22, 2026, and compromised information generated over approximately six months, from mid-October 2025 to discovery date.
Data accessed by the attacker included customer names, email addresses, phone numbers, postal addresses, reservation numbers, stay dates, and special requests. Crucially, payment and bank details were not involved in the breach. Following the discovery, Best Western promptly took the affected application offline and revoked unauthorized access.
Why it matters
With thousands of hotels under its umbrella worldwide, Best Western's breach could impact a significant pool of customers, potentially exposing them to targeted phishing or fraud attempts using the stolen reservation data. Attackers may impersonate Best Western or related brands to trick victims into revealing further personal or financial details.
The incident highlights ongoing cybersecurity challenges in the hospitality sector, where diverse systems and large volumes of personal data make hotel groups attractive targets. The breach also serves as a reminder of the importance of securing web applications that handle sensitive customer information.
What to watch next
Best Western is working with external cybersecurity experts to strengthen its defenses and investigate the breach's full scope. Customers are advised to scrutinize emails, messages, or calls about hotel stays, especially those requesting payment or verification, and to avoid clicking links in suspicious communications.
Industry observers should monitor how Best Western and other hospitality companies enhance their cybersecurity measures following this breach. Additionally, attention will be on any reported phishing campaigns exploiting the stolen data and how customers respond to emerging threats tied to this incident.