BCD Travel: Dutch travel firm BCD hacked, 700,000 customers reportedly hit

BCD Travel: Dutch travel firm BCD hacked, 700,000 customers reportedly hit

ShinyHunters Claims 700K BCD Travel Customer Records Stolen in Dark Web Data Leak

The hacking group ShinyHunters has reportedly stolen and begun publishing the personal data of 700,000 BCD Travel customers on the dark web, according to a report by Financieele Dagblad. The Dutch-owned business travel company confirmed detecting suspicious activity on an internal account and engaged external cybersecurity specialists to assess the breach, though it has not disclosed the full scope or any ransom demands.

ShinyHunters, known for high-profile data thefts, claims to have accessed a Salesforce customer database and internal SharePoint sites, setting a June 1 deadline for payment before releasing the full dataset. The group, which previously targeted telecom provider Odido in February exposing over six million records specializes in data extortion rather than ransomware attacks. Other past victims include Ticketmaster and the Canvas education platform.

BCD Travel, headquartered in Utrecht and part of the $24.4 billion BCD Group, stated that its services remain operational and IT systems unaffected. The incident follows ShinyHunters’ pattern of leveraging phishing or credential theft to infiltrate targets, as seen in the Odido breach, where an employee was tricked into entering login details on a fake site. The stolen BCD Travel data, totaling over 30GB, was verified by cybersecurity firm Passguard.

Source: https://www.dutchnews.nl/2026/06/dutch-travel-firm-bcd-hacked-700000-customers-reportedly-hit/

BCD Travel cybersecurity rating report: https://www.rankiteo.com/company/bcd-travel

"id": "BCD1780576089",
"linkid": "bcd-travel",
"type": "Breach",
"date": "2/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '700,000',
                        'industry': 'Travel',
                        'location': 'Utrecht, Netherlands',
                        'name': 'BCD Travel',
                        'size': 'Part of the $24.4 billion BCD Group',
                        'type': 'Business Travel Company'}],
 'attack_vector': ['Phishing', 'Credential Theft'],
 'data_breach': {'data_exfiltration': 'Yes (30GB of data)',
                 'number_of_records_exposed': '700,000',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (Personally Identifiable '
                                        'Information)',
                 'type_of_data_compromised': 'Personal data'},
 'description': 'The hacking group ShinyHunters has reportedly stolen and '
                'begun publishing the personal data of 700,000 BCD Travel '
                'customers on the dark web. BCD Travel confirmed detecting '
                'suspicious activity on an internal account and engaged '
                'external cybersecurity specialists to assess the breach. '
                'ShinyHunters claims to have accessed a Salesforce customer '
                'database and internal SharePoint sites, setting a June 1 '
                'deadline for payment before releasing the full dataset.',
 'impact': {'data_compromised': '700,000 customer records',
            'identity_theft_risk': 'High',
            'operational_impact': 'Services remain operational, IT systems '
                                  'unaffected',
            'systems_affected': ['Salesforce customer database',
                                 'Internal SharePoint sites']},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes',
                           'entry_point': 'Phishing/Credential Theft'},
 'investigation_status': 'Ongoing',
 'motivation': 'Data Extortion',
 'ransomware': {'data_exfiltration': 'Yes',
                'ransom_demanded': 'Yes (deadline: June 1)'},
 'references': [{'source': 'Financieele Dagblad'}, {'source': 'Passguard'}],
 'response': {'incident_response_plan_activated': 'Engaged external '
                                                  'cybersecurity specialists',
              'third_party_assistance': 'External cybersecurity specialists, '
                                        'Passguard'},
 'threat_actor': 'ShinyHunters',
 'title': 'ShinyHunters Claims 700K BCD Travel Customer Records Stolen in Dark '
          'Web Data Leak',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.