BWH Hotels (Best Western) Discloses 6-Month Reservation System Breach
BWH Hotels, parent of Best Western, WorldHotels and SureStays, notified guests that hackers maintained access to its reservation web application from October 2025 to April 2026. The company confirmed the unauthorized access and began sending breach notifications. No payment data was stored or accessed in the affected system.
BWH Hotels, the parent company of Best Western, WorldHotels, and SureStays, has disclosed that hackers maintained unauthorized access to its reservation web application for six months, exposing the personal information of tens of thousands of guests.
Public reporting indicates the breach lasted from October 2025 through April 2026. The compromised system contained names, email addresses, telephone numbers, home addresses, and reservation details. BWH Hotels confirmed no payment card data was stored or accessed in the affected environment. The company has begun sending direct notifications to impacted guests, and the incident is now under investigation.
For executives and high-net-worth families who travel frequently, this breach carries immediate operational and personal risk. Home addresses, phone numbers, and reservation patterns can be combined with other publicly available data to build detailed profiles for targeted physical threats, social engineering, or executive impersonation attacks. Families that use corporate rates or loyalty programs may find both personal and business travel records entangled, increasing the likelihood that one exposure compromises multiple layers of identity.
The doxxing and identity-chain implications are significant. Reservation data often links real-world identities to email addresses and phone numbers that are reused across travel apps, loyalty programs, and personal accounts. Once those connections surface in underground markets, attackers can follow the chain to correlated gaming usernames, family member profiles, or children’s accounts. Credential leaks of this nature frequently cascade into account takeovers, especially where the same password or recovery phone number protects both travel profiles and gaming platforms.
What to do
- Run a DoxxScan to map every link between your handles, emails, phone numbers, and real-world identity, using the 72hr free trial of Warden.
- Rotate any password used on the Best Western or BWH Hotels reservation site wherever it has been reused, and immediately enable two-factor authentication through an authenticator app rather than SMS.
- Enable continuous DoxxScan monitoring across 15B+ breach records and 100+ platforms so the next exposure of your data is identified within hours rather than months.
- Cover the entire household with DoxxScan family coverage, which extends protection to dependents and children’s gaming accounts that often chain back to the same addresses and phone numbers.
- For executives and family offices, layer on hands-on remediation specialists who can execute targeted takedown requests across data brokers and underground forums where the stolen reservation records may already circulate.
Incidents like the BWH Hotels breach demonstrate that reservation systems remain high-value targets precisely because they hold verifiable real-world contact information rather than easily replaceable financial data. The most effective defense combines immediate credential hygiene with persistent visibility into how those credentials connect across the broader digital footprint. DoxxScan by GalaxyWarden delivers that capability through continuous monitoring across 15B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and household coverage that explicitly includes children’s gaming accounts vulnerable to the same cascading takeovers.
Related breaches
Navia Benefits Administration Breach — March 2026
2.7 million individuals had names, SSNs, DOBs, contact information, and benefits administration data…
PayPal SSN Exposure Lasting Six Months — February 2026
A code change at PayPal allowed unauthorized access to Social Security Numbers and account details f…
Everest ransomware claims breach of Liberty Mutual insurance data
The Everest ransomware group listed Liberty Mutual on its leak site, claiming theft of over 100 GB o…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →