Incidents in sector:

Hospitality

Data breachUnknownMay 24, 2026

Les Embruns d'Oléron: data of 1,800 campsite holidaymakers exfiltrated

The Les Embruns d'Oléron campsite, a 4-star establishment located at Château-d'Oléron on the island of Oléron, appears in a new leak published on a

Victim: Les Embruns d'Oléron

Data breachUnknownMay 23, 2026

18,140 people affected by claimed leak at AVEA Vacances

Families who booked or participated in youth stays with AVEA Vacances are affected, according to the claim, by a claimed leak. According to the announcement, nearly 18,000 people…

Victim: AVEA Séjours / AVEA Vacances
Records: 18.1K

Data breachOngoingMay 23, 2026

Avea Vacances hit by a cyberattack: 46,000 stay records exposed

The dark series of cyberattacks against tourism by ChimeraZ continues with the Avea Vacances association, specializing in summer camps and

Victim: Avea Vacances

Data breachUnknownMay 23, 2026

Camping-Car Plus: victim of a data leak, passwords exposed

The Camping-Car Plus website, specialised in selling accessories and equipment for motorhomes and camper vans, is informing its customers that it has been

Victim: Camping-Car Plus :

Data breachUnknownMay 19, 2026

99,671 people: claimed data leak at Lagrange Vacances

Vacances-Lagrange.com customers and participants are targeted by a claimed data leak, according to the claim of May 19, 2026. The announced file would reportedly concern nearly 100,000 people…

Victim: Lagrange Vacances
Records: 99.7K

Data breachUnknownMay 17, 2026

Gîtes de France: 389,000 customers' bookings in a data leak

The Gîtes de France network, a historic player in vacation rentals and rural tourism in France, confirmed having been the victim of an incident of

Victim: Gîtes de France

Data breachUnknownMay 15, 2026

4.5 million Pierre & Vacances-Center Parcs customers, data leak

Pierre & Vacances-Center Parcs customers are affected by a data leak confirmed by the group, linked to the La France du Nord au Sud booking platform, used in particular for…

Victim: Pierre & Vacances-Center Parcs / Maeva

Data breachUnknownMay 12, 2026

Data leak at Best Western Hotels - customer reservations accessed

Best Western Hotels customers are affected by a data leak confirmed by the company. Unauthorised access identified on 22 April 2026 resulted in the consultation, between 14 October…

Victim: Best Western Hotels

Data breachUnknownApril 15, 2026

Brit Hotel: 682,000 loyalty programme members in a data leak

HexDex claims to put up for sale a database linked to Brit Hotel, a French hotel chain present across the country, following a

Victim: Brit Hotel

Data breachUnknownApril 14, 2026

Logis Hotels: 598,000 loyalty program members exposed in massive leak

The Logis Hotels group, a major network of more than 6,300 independent hotels and restaurants in France and Europe, is the target of a claimed leak

Victim: Logis Hotels

Data breachUnknownApril 1, 2026

Vacancéole: new customer leak in the tourism sector

Vacancéole, a specialist in holiday rentals in France, was the victim of a security incident involving a technical provider, confirming a

Victim: Vacancéole

Data breachUnknownMarch 30, 2026

Belambra: customer contact details exposed after a cyberattack

Belambra Clubs & Hôtels was affected by a security incident involving a service provider in charge of its booking system. This incident reportedly

Victim: Belambra

OtherUnknownNovember 27, 2024

Data leak at Ze Camping

1.6 million users first name, last name login hashed password date of birth phone postal address

Victim: Ze Camping

RansomwareContainedSeptember 10, 2023

MGM Resorts ransomware (Scattered Spider + ALPHV)

Scattered Spider vished an MGM IT-desk agent, gained Okta admin, and let ALPHV detonate ransomware. Casinos went offline for ten days; the loss to MGM exceeded $100 million.

Victim: MGM Resorts International
Loss: $100.0M

RansomwareRansom paidAugust 18, 2023

Caesars Entertainment Scattered Spider ransom payment (2023)

Scattered Spider impersonated a Caesars employee on a call to a third-party IT support vendor and convinced the vendor to grant Okta credentials, then exfiltrated customer loyalty data including SSNs and driver's licences. Caesars paid roughly $15 million ransom; the FBI later froze a substantial portion of the funds with Chainalysis assistance.

Victim: Caesars Entertainment
Loss: $15.0M

EspionageResolvedNovember 30, 2018

Marriott / Starwood guest data breach

Chinese state-attributed operators sat undetected on Starwood's guest reservation database from 2014, surviving Marriott's 2016 acquisition. Disclosed 2018: 500 million guest records exposed, including 5.25 million unencrypted passport numbers.

Victim: Marriott International / Starwood Hotels & Resorts
Loss: $200.0M
Records: 500.0M