What Happened
In April 2026, specifically around April 26, the French vacation rental management and concierge platform sejourneur.com, based in Bordeaux, suffered a data breach when hacker ChimeraZ leaked a 280 MB database containing approximately 53,000 records affecting over 46,000 individuals, including 7,000 PDF invoices. Exposed data encompassed customer full names, emails, phone numbers, cities of origin, booking details (e.g., accommodation names, arrival/departure dates, number of nights/adults/children, partner platforms like Booking.com, prices, taxes, and owner payouts), and internal reservation IDs, primarily in JSON and PDF formats. While the leak’s authenticity is confirmed by samples on underground forums, no corroborated evidence from authorities like CNIL verifies a large-scale system compromise, and the exact extraction method remains unknown, heightening risks of targeted phishing, refund scams, identity theft, and privacy breaches tied to travel histories.
