Cyber Incident Victim: Airbnb
Date:
Apr 2019
Location:
United Kingdom
Summary
Airbnb users reported unauthorized account access leading to fraudulent bookings and substantial unauthorized charges, with some victims discovering costly reservations made in their names without consent. Additionally, legitimate bookings were canceled, disrupting travel plans and leaving affected individuals without accommodations. Complaints emerged primarily from UK-based users via social media platforms, indicating potential account compromise, though the incident's scope and underlying cause remained unconfirmed by the company at the time of reporting.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In late April 2019, Airbnb users began reporting unauthorized access to their accounts through social media platforms, with complaints emerging publicly by April 27. Affected individuals primarily based in the United Kingdom described account takeovers resulting in fraudulent activity, including unauthorized holiday bookings charged to their payment methods without consent. These fraudulent reservations reportedly cost victims thousands of pounds per incident. Simultaneously, legitimate reservations made prior to the account compromises were systematically canceled by attackers, leaving travelers without accommodations. The dual pattern of unauthorized charges and booking cancellations created immediate financial and logistical crises for victims, who faced both unexpected expenses and disruption to planned travel arrangements.
Airbnb had not issued any public statements or acknowledgments regarding the incidents as of May 5, 2019, when initial media reports documented the complaints. The company's UK Twitter account (@AirBNB_UK) showed no visible responses to user reports of account compromises during this period. While the concentration of complaints originated from UK users, the absence of official communication left unresolved whether the incident represented a localized security failure or a broader systemic vulnerability affecting Airbnb’s global user base. Victims continued reporting new account compromises through early May, indicating ongoing unauthorized access despite public awareness of the issue. The financial impacts remained confined to individual users bearing unauthorized charges, with no evidence of corporate data breaches or infrastructure compromises disclosed during this timeframe.