IT incident at Centerparks: customer data affected
Attackers have broken into the IT of Centerparks. Customer data was exposed. The company is now informing those affected.
(Image: heise online / dmk)
Numerous customers who have booked their vacation with Centerparks are currently receiving an email from the company. In it, it informs recipients that there has been an IT security incident.
According to Centerparks, “some of your personal data has been exposed”. According to the email, there was a cyberattack on June 4, 2025, on one of the Centerparks interfaces used by customers who made their booking by telephone. “As soon as the attack was detected, access to the system was blocked, and additional security measures were taken,” the company writes.
It seems that only customers who booked by telephone were informed – Colleagues from the editorial team who made an online booking with Centerparks report that they did not receive any such information mail.
Centerparks: Information affected by the data leak
The data leak “possibly” affected first and last name, e-mail address, booking number, location, and travel data. According to Centerparks, bank details, passwords, telephone numbers and postal addresses were not disclosed. The data was also not altered by the attackers.
Videos by heise
The tourism company also informed those impacted that the cyberattack was stopped on June 6. The company has reported the incident to the French data protection authority CNIL. It has also filed a criminal complaint with the police. “Cybersecurity experts have been commissioned to secure our systems in the long term,” Centerparks continued.
Those affected should remain vigilant. So far, no abuse has been detected. Nevertheless, criminals could send fraudulent emails requesting payment, for example with the pretext that a booking is incomplete, or a previous payment has failed. There could also be fraudulent phone calls or text messages in which the senders request personal information. It is important for Centerparks to emphasize that the company never asks customers to pay in an email with a link. For open bookings, customers should log in to the official Centerparks website or the MyCP app on their smartphone.
Recipients should not respond to emails with such payment requests, for example with bank details, but should check their MyCP account to see if there is still a balance.
Unfortunately, data leaks are now commonplace. Last week, for example, a member of the CCC wanted to stay overnight with the accommodation service provider Numa. However, he came across a complete collection of customer data.
(dmk)
