Overview
- PVCP said Thursday it was alerted to a breach on its 'La France du Nord au Sud' affiliate booking platform that involves data from 1.6 million reservations.
- The exposed fields include reservation numbers, stay dates and locations, names of occupants, phone numbers, and dates of birth, while the company says no banking data or email addresses were taken.
- PVCP says it identified and fixed the vulnerability, notified France’s data regulator CNIL, filed a complaint against unknown perpetrators, and began informing affected customers.
- French Breaches, which says the hacker shared samples and technical details, reports the trove could cover up to 4.5 million customers over as much as a decade of bookings.
- Following the PVCP disclosure, rival Belambra said Saturday it also suffered a breach affecting reservation data, highlighting the strain on security across France’s travel platforms.