A cyberattack on Gîtes de France led to personal booking data being leaked from 1995 to 2026. Two other travel companies were also hit, raising concerns about targeted travel-related phishing scams.
Table of Contents
What Happened?
The attacker accessed data linked to about 389,000 customers who booked stays across Europe.
This was not an isolated case.
Two other travel companies were also attacked within the same weekend:
- Pierre & Vacances-Center Parcs
- Belambra holiday clubs
Reports suggest the same hacker carried out all three attacks.
The companies said they will report the incidents to French authorities and the national data protection regulator.
Who Is Affected and What Data Was Taken?
The breach affects people who made bookings between 1995 and 2026.
The data that was leaked includes:
- Names
- Email addresses
- Phone numbers
- Home addresses
- Booking details like stay dates and number of nights
Some regions involved include Guadeloupe, Cantal, and Haute-Garonne.
The company said no payment or banking data was taken.
Still, this type of information can be very useful for scammers.
If you’re not sure whether your data was leaked, it’s worth checking. With Futureproof, you can quickly find out if your details appear in known leaks and get clear steps to secure your accounts before problems start.
At Futureproof, Kevin explains digital safety in simple words, with clear tips and zero fluff. He holds a degree in information technology and studies fraud trends to keep his tips up-to-date.
In his free time, Kevin plays with his cat, enjoys board-game nights, and hunts for New York’s best cinnamon rolls.
