• Home
  • cyber
  • Sunweb and Hospecs: Dozens of Dutch hotels affected by data breach
cyber Breach

Sunweb and Hospecs: Dozens of Dutch hotels affected by data breach

May 1, 2026 2 min read
Sunweb and Hospecs: Dozens of Dutch hotels affected by data breach

Large-Scale Data Breach Hits Hundreds of Dutch Hotels, Exposing Guest Reservations

A major data breach has compromised the reservation systems of at least 100 Dutch hotels, exposing sensitive guest information and enabling targeted phishing attacks. Hospitality group Hospecs confirmed the incident, revealing that hackers accessed booking details including contact information, arrival dates, and departure dates for thousands of guests.

The breach was first reported after Hospecs Managing Director Tim Vissers posted an alert on LinkedIn, prompting a surge of responses from affected hotels. Reports have since expanded beyond the Netherlands, with cases emerging in Belgium and Ireland. The attackers are exploiting the stolen data to send convincing fake payment requests to guests, often referencing real booking details to appear legitimate. Some victims reported that their hotels initially denied the breach, despite evidence of fraudulent messages.

The exact cause of the breach remains under investigation, but Hospecs suspects a vulnerability in a shared software provider rather than direct attacks on individual hotels. The precision of the scams using verified reservation data makes them particularly dangerous, as victims may unknowingly comply with fraudulent demands.

This incident follows a troubling pattern in the travel industry. Similar attacks have targeted major chains like Van der Valk (September 2025), travel agency Sunweb, and Booking.com (January 2026), where hackers hijacked hotel accounts to send fake payment requests. Dutch regulations require organizations to report data breaches within 72 hours, but it remains unclear whether Hospecs or the affected hotels have complied. Investigations into the source of the breach are ongoing.

Source: https://www.techzine.eu/news/security/141806/dozens-of-dutch-hotels-affected-by-data-breach/

Sunweb Group cybersecurity rating report: https://www.rankiteo.com/company/sunweb-group

Hospecs cybersecurity rating report: https://www.rankiteo.com/company/hospecs

"id": "SUNHOS1780482743",
"linkid": "sunweb-group, hospecs",
"type": "Breach",
"date": "5/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Thousands of guests',
                        'industry': 'Hospitality',
                        'location': 'Netherlands',
                        'name': 'Hospecs',
                        'type': 'Hospitality group'},
                       {'customers_affected': 'Thousands of guests',
                        'industry': 'Hospitality',
                        'location': ['Netherlands', 'Belgium', 'Ireland'],
                        'name': 'Various hotels (100+)',
                        'type': 'Hotels'}],
 'attack_vector': 'Vulnerability in shared software provider',
 'customer_advisories': 'Guests warned about fraudulent payment requests',
 'data_breach': {'data_exfiltration': 'Yes (used for phishing scams)',
                 'number_of_records_exposed': 'Thousands',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (personally identifiable '
                                        'information)',
                 'type_of_data_compromised': ['Contact information',
                                              'Arrival dates',
                                              'Departure dates']},
 'description': 'A major data breach has compromised the reservation systems '
                'of at least 100 Dutch hotels, exposing sensitive guest '
                'information and enabling targeted phishing attacks. The '
                'attackers are exploiting the stolen data to send convincing '
                'fake payment requests to guests, often referencing real '
                'booking details to appear legitimate.',
 'impact': {'brand_reputation_impact': 'Yes',
            'data_compromised': 'Guest reservation details (contact '
                                'information, arrival/departure dates)',
            'identity_theft_risk': 'Yes',
            'operational_impact': 'Targeted phishing attacks on guests',
            'payment_information_risk': 'Yes (fraudulent payment requests)',
            'systems_affected': 'Hotel reservation systems'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain (phishing scams)',
 'post_incident_analysis': {'root_causes': 'Suspected vulnerability in shared '
                                           'software provider'},
 'references': [{'source': 'LinkedIn post by Hospecs Managing Director Tim '
                           'Vissers'}],
 'regulatory_compliance': {'regulations_violated': 'Dutch data breach '
                                                   'notification regulations '
                                                   '(potential non-compliance)',
                           'regulatory_notifications': 'Unclear (72-hour '
                                                       'reporting requirement '
                                                       'may not have been '
                                                       'met)'},
 'response': {'communication_strategy': 'LinkedIn alert by Hospecs Managing '
                                        'Director'},
 'title': 'Large-Scale Data Breach Hits Hundreds of Dutch Hotels, Exposing '
          'Guest Reservations',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.