[Important Notice from WeBase Hakata] (Follow-up) Apology and Information Regarding Messages Leading to Phishing Sites
We deeply apologize for the significant inconvenience and concern caused by the distribution of messages that directed some guests who made reservations at “WeBase Hakata” through Booking.com to phishing sites.
Following the announcement made on August 14, 2024, titled “[Important Notice from WeBase Hakata] Apology and Information Regarding Possible Personal Information Breach and Messages Leading to Phishing Sites Due to Unauthorized Access,” we would like to report the facts revealed through further investigation, as follows.
Notice dated August 14, 2024
https://we-base.jp/hakata/en/news/10796/
1, Incident Summary
On August 11, 2024, it was confirmed that some guests who had made reservations at “WeBase Hakata” through Booking.com received messages directing them to phishing sites. There is a possibility that third parties accessed guests’ anonymous email addresses specific to Booking.com (@guest.booking.com) stored in our management system. On the same day, we requested Booking.com to invalidate the fraudulent URLs sent to customers. Additionally, we sent a message (in both Japanese and English) to affected guests, apologizing and advising them not to click on the fraudulent URLs. Furthermore, we implemented password changes and security checks on computers at all WeBase facilities. We have confirmed that no unauthorized access occurred at other facilities or within the main Booking.com system.
2, Details of the Incident
(1) Affected Customers:
Guests who made reservations at “WeBase Hakata” through Booking.com.
(2) Number of Potentially Leaked Personal Information:
244 anonymous email addresses specific to Booking.com from guests who reserved at “WeBase Hakata.”
(3) Potentially Leaked Personal Information:
Anonymous email addresses specific to Booking.com (ending with @guest.booking.com).
※ No other personal information such as name, address, phone number, email address, nationality, credit card information, or banking details has been affected.
(4) Cause:
After investigation, it was determined that a website controller used by our company, which manages multiple reservation sites including Booking.com, was subject to unauthorized access. As a result, a CSV file containing email addresses of guests who booked or modified reservations via Booking.com and the check-in and check-out dates are between August 9, 2024, and July 18, 2025, was downloaded. However, the reservation management system provided by Booking.com used by our company was not breached.
(5) Whether There Are Secondary Damages or Risks:
As of the time of this notice, no reports of financial damage have been received.
3, Future Measures and Recurrence Prevention
Based on the results of the investigation, we have implemented various measures, including the introduction of new security features in the reservation management system provided by Booking.com, a clean installation of computers, strengthened employee training, and a request to the website controller operator to implement two-factor authentication (scheduled to be introduced on September 10, 2024). We will continue to enhance our security measures moving forward.
4, Request to Customers
If you receive a suspicious message, we ask that you refrain from clicking any attached URLs. If the content of the message is unfamiliar, please contact Booking.com (Phone: +44-20-3320-2609) or WeBase HAKATA.
We sincerely apologize for the significant inconvenience and concern caused to our customers.
Sincerely,
WeBase HAKATA
Note:
A “phishing site” is a fake website that impersonates a legitimate one to fraudulently collect personal information, such as credit card numbers.
