Airbnb has revealed details of a data breach on 24 September 2020 affecting hundreds of people.

It has been reported that users of the holiday rental site may have had their personal data exposed to other users of the platform. The personal data included addresses, phone numbers and key access codes for the hosts’ properties.

Users of the site flagged an issue that they were redirected to the inboxes of other hosts.  The issue occurred when hosts tried to respond to messages from their own guests.

The technical issue is said to have affected both the desktop and mobile web platforms.

At first, Airbnb reportedly only asked the hosts to clear their browser cookies or to use a different internet browser, despite being contacted by numerous users.

An Airbnb spokeperson said “on Thursday, a technical issue resulted in a small subset of users inadvertently viewing limited amounts of information from other users’ accounts.

“We fixed the issue quickly and are implementing additional controls to ensure it does not happen again. We don’t believe any personal information was misused and at no point was payment information accessible.”

Airbnb said the issue was a technical malfunction and not a malicious cyber-attack on the company.

It is not yet known if the ICO has been notified.

If you have been affected by Airbnb’s data breach, get in touch with our team for advice.