It will happen again and again
OTAs now capture 55% of the global travel market, dominating online bookings (encompassing hotels, airlines, and packaged tours), compared with direct suppliers, worldwide.
Booking.com, a subsidiary of Booking Holdings, is a leading global online travel agency headquartered in Amsterdam. While precise, exclusive data on its share of total worldwide hotel bookings is not publicly identified from its other listings, Booking.com facilitated 1.2 billion room nights in 2025, with mobile devices (primarily the app) driving 60% of all bookings.
An hotelier may tell you that bookin.com costs them between 15% to 20% commission. That’s a known perhaps to all hoteliers who receive room reservations via booking.com. The unknown though is that during the last eight years, there’s something that doesn’t show up in the expense sheet.
In 2018, scammers called hotels pretending to be booking.com and conned staff into handing over access. Using what they got, the scammers stole data from more than four thousand guests. Booking.com informed the regulator (authorities) three weeks later, and the company was fined €475,000. An amount that is pretty much ‘petty cash’ considering that the parent company Booking Holdings achieved estimated annual revenue of around US$26 billion in 2025.
Five years later, Booking.com’s payment system blocked sending money to hotels for weeks, in some instances, months. Mind you, this is money already collected by booking.com from guests.
Between 2024 and 2025, scammers repeatedly broke into hotel extranet accounts, messaging guests from within the platform – asking for credit card details, threatning to cancel the booking. In the UK alone, 523 such cases were reported, resulting in confirmed guest losses totaling around £370,000.
Then again, in April 2026, Booking.com informed customers their data has been accessed – names, phone numbers, booking details, messages with the hotel. The company did not reveal how many guests were affected - which probably means that the number of customers involved may have been high.
In eight years, Booking.com encountered four different problems – all with the same ending. The company kept the commission. The regulator got the fine, leaving the hotels to deal with the mess. Why the hotel? Might one ask? Booking.com gets paid the moment a guest clicks “book.” Everything that occurs beyond that – the guest’s data, the payment flow, the message from the scammer pretending to be the hotel – happens after Booking.com has already earned its money. So when things go south later, the person who has to deal with the mess is the hotel.
The hotel is in the frontline having to face innumerable issues. When someone using real booking data scams a guest – it is the hotel that gets blamed first. The guest exerts pressure on the hotel for a refund. Then follows the bad review damaging the hotel’s reputation – not forgetting the angry flak the hotel front desk staff has to tolerate at check-in from the family who arrive – convinced that they already paid thru booking.com.
What doesn’t get into the hotel books is when certain costs don’t show up on a booking.com invoice -costs such as compensation for the weeks of cash flow that got stuck inside Booking.com, when its system freezes. When a breach announcement goes out, the hotel is the one answering guest questions – all by its staff on its payroll. These costs don’t show up on the spreadsheet.
What’s scary is that these things have happened more than once… and will happen again and again. Yes, hotels find it difficult to leave Booking.com. Knowing how much the real cost (apart from the commission payable), will make it easier to make the decision – to stay or not.
Source: External
|
|
|
|
