Travel News Hotels A Massive Airbnb Security Breach Could've Exposed Your Private Information Yesterday, a technical issue exposed hosts' inboxes and leaked private info By Stefanie Waldek Stefanie Waldek Instagram Twitter Stefanie Waldek is a Brooklyn-based travel writer with over six years of experience. She covers various destinations, hotels, and travel products for TripSavvy. TripSavvy's editorial guidelines Published on 09/25/20 Share Pin Email Georgie Wileman / Getty Images According to reports on social media, some Airbnb hosts experienced a significant breach of privacy on Thursday. Upon opening their inboxes on the vacation rental platform—the only way they’re supposed to interact with guests—hosts discovered that their messages were missing. Instead, they were replaced with other hosts’ private messages with guests. According to information shared on Reddit, those messages included sensitive information, including street addresses, entrance codes to rental units, and hosts’ monthly earnings. Per another Reddit thread, every time the affected hosts refreshed their inbox, a new hosts' messages would appear, revealing that sensitive information. When users reported the bug to Airbnb, they were told to clear their cookies—to no avail. "On Thursday, a technical issue resulted in a small subset of users inadvertently viewing limited amounts of information from other users' accounts," an Airbnb spokesperson told TripSavvy. The company added that they "fixed the issue quickly and are implementing additional controls to ensure it does not happen again." The breach occurred at 9:30 a.m. Pacific time on Thursday and was discovered within an hour, according to Airbnb. It was fixed by 12:30 p.m. The company explained it was not the result of a malicious attack on the company's infrastructure—something has plagued other large travel companies—and was not visible to users on the mobile app, only those using desktop browsers. Additionally, users with inadvertent access could not modify the data of the other user, including sending messages or altering bookings. While it seems that the situation is now under control, it's a massive slip-up that could impact hosts and their current guests. If you suspect your account has been breached, we suggest you change your current access codes to your properties in case they were inadvertently revealed. Study Finds That Top Travel Companies Still Struggle with Keeping Your Data Safe Was this page helpful? Thanks for letting us know! Share Pin Email Tell us why! Submit