Secureholiday and Ctoutvert: Personal data of 41,577 Dutch campers stolen in major European booking site hack

Secureholiday and Ctoutvert: Personal data of 41,577 Dutch campers stolen in major European booking site hack

Thousands of Dutch Vacationers Hit by Secureholiday Data Breach

A major data breach at Secureholiday, a French online camping reservation platform, exposed the personal and booking details of 41,577 Dutch customers, along with tens of thousands of other Europeans. The breach, discovered on February 28, 2026, involved stolen data including names, email addresses, travel destinations, booking dates, and payment amounts from reservations at roughly 500 campgrounds, primarily in France, Spain, and Italy.

Cybercriminals later exploited the stolen information in phishing scams between May and June 2026, sending fraudulent emails that appeared to come from campgrounds. The messages referenced specific booking details, such as dates and payment amounts, to trick recipients into confirming credit card payments. Some victims grew suspicious and verified the requests directly with campgrounds, while others shared warnings on social media.

Ctoutvert, Secureholiday’s parent company, patched the vulnerability the same day it was detected and notified affected campgrounds to alert guests. However, many warnings reached travelers only after they had already encountered the phishing attempts. The Dutch Fraudehelpdesk reported nearly 1,100 cases of similar scams this year, with spikes in January (220), May (285), and June (291) peak periods for vacation payments.

Fourteen campers, including six Dutch victims, officially reported falling for the scam. Ctoutvert stated that affected individuals are working with campgrounds and banks to address the fraud. While the company confirmed that half of the compromised bookings involved French customers, the full extent of the breach remains unclear.

Ctoutvert operates in 18 countries, processes 1.2 million reservations annually for 4,300 campgrounds, and handles payments after users are redirected from individual campground websites. The company has filed a complaint with French authorities, implemented additional security measures, and conducted a full security review in response to the incident.

Source: https://nltimes.nl/2026/07/15/personal-data-41577-dutch-campers-stolen-major-european-booking-site-hack

Secureholiday TPRM report: https://www.rankiteo.com/company/ctoutvert

Ctoutvert TPRM report: https://www.rankiteo.com/company/ctoutvert

"id": "cto1784190795",
"linkid": "ctoutvert",
"type": "Breach",
"date": "7/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '41,577 Dutch customers, tens of '
                                              'thousands of other Europeans',
                        'industry': 'Travel and Hospitality',
                        'location': 'France',
                        'name': 'Secureholiday (Ctoutvert)',
                        'size': 'Processes 1.2 million reservations annually '
                                'for 4,300 campgrounds',
                        'type': 'Online camping reservation platform'},
                       {'customers_affected': '41,577',
                        'location': 'Netherlands',
                        'name': 'Dutch vacationers',
                        'type': 'Customers'},
                       {'industry': 'Hospitality',
                        'location': 'Primarily France, Spain, Italy',
                        'name': 'Campgrounds (500+)',
                        'type': 'Business partners'}],
 'attack_vector': 'Unknown',
 'customer_advisories': 'Warnings shared on social media; customers urged to '
                        'report suspicious emails and verify bookings with '
                        'campgrounds.',
 'data_breach': {'data_exfiltration': 'Yes (used in phishing scams)',
                 'number_of_records_exposed': '41,577 Dutch customers + tens '
                                              'of thousands of other Europeans',
                 'personally_identifiable_information': 'Names, email '
                                                        'addresses',
                 'sensitivity_of_data': 'High (names, email addresses, travel '
                                        'destinations, booking dates, payment '
                                        'amounts)',
                 'type_of_data_compromised': ['Personal data',
                                              'Booking details']},
 'date_detected': '2026-02-28',
 'description': 'A major data breach at Secureholiday, a French online camping '
                'reservation platform, exposed the personal and booking '
                'details of 41,577 Dutch customers and tens of thousands of '
                'other Europeans. The breach involved stolen data including '
                'names, email addresses, travel destinations, booking dates, '
                'and payment amounts. Cybercriminals later exploited the '
                'stolen information in phishing scams targeting victims with '
                'fraudulent emails referencing specific booking details.',
 'impact': {'brand_reputation_impact': 'Negative publicity, trust erosion '
                                       'among customers',
            'customer_complaints': 'Warnings shared on social media, 1,100+ '
                                   'phishing scam cases reported to Dutch '
                                   'Fraudehelpdesk',
            'data_compromised': 'Names, email addresses, travel destinations, '
                                'booking dates, payment amounts',
            'financial_loss': 'Fraudulent credit card payments reported by 14 '
                              'victims',
            'identity_theft_risk': 'High (personal and booking details '
                                   'exposed)',
            'legal_liabilities': 'Filed complaint with French authorities',
            'operational_impact': 'Additional security measures implemented, '
                                  'full security review conducted',
            'payment_information_risk': 'High (fraudulent payment '
                                        'confirmations attempted)',
            'systems_affected': 'Secureholiday reservation platform'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'Need for timely customer notifications to prevent '
                    'phishing exploitation; importance of verifying payment '
                    'requests directly with service providers.',
 'motivation': 'Financial gain (phishing scams)',
 'post_incident_analysis': {'corrective_actions': 'Vulnerability patched, '
                                                  'additional security '
                                                  'measures implemented, full '
                                                  'security review conducted',
                            'root_causes': 'Unknown vulnerability in '
                                           'Secureholiday platform'},
 'recommendations': 'Enhance security measures for reservation platforms, '
                    'improve incident communication timelines, educate '
                    'customers on phishing risks, and implement multi-factor '
                    'authentication for payment confirmations.',
 'references': [{'source': 'Dutch Fraudehelpdesk'}],
 'regulatory_compliance': {'legal_actions': 'Complaint filed with French '
                                            'authorities'},
 'response': {'communication_strategy': 'Notified affected campgrounds to '
                                        'alert guests, warnings reached '
                                        'travelers post-phishing attempts',
              'containment_measures': 'Vulnerability patched on detection',
              'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes (French authorities)',
              'recovery_measures': 'Affected individuals advised to work with '
                                   'campgrounds and banks',
              'remediation_measures': 'Additional security measures '
                                      'implemented, full security review '
                                      'conducted'},
 'stakeholder_advisories': 'Campgrounds notified to alert guests; customers '
                           'advised to verify payment requests directly.',
 'threat_actor': 'Cybercriminals',
 'title': 'Secureholiday Data Breach Affecting Thousands of Dutch Vacationers',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Unknown (patched on detection)'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.