Centerparks Experiences Cyber Incident Affecting Customer Data

Centerparks has reported a significant IT security breach, compromising customer data. The company is proactively notifying affected individuals via email.

Customers who booked their vacations through Centerparks are receiving messages detailing the incident, which occurred on June 4, 2025. According to the communication, a cyberattack targeted one of the company's systems used primarily for telephone bookings. Centerparks has assured customers that immediate action was taken to mitigate the breach, including locking down the affected systems and implementing enhanced security measures.

Initial reports suggest that only customers who booked via telephone are being informed, as those who made online reservations have not received similar notifications. The data exposure may include personal details such as first and last names, email addresses, booking references, vacation locations, and travel dates. However, Centerparks has clarified that sensitive information such as bank account details, passwords, phone numbers, or mailing addresses remains secure and was not accessed by the attackers.

The company confirmed that the cyberattack was neutralized on June 6, and it has reported the incident to the French data protection authority, CNIL, while also filing a police report. To enhance their cybersecurity posture, Centerparks has engaged cybersecurity experts to ensure long-term protection of their systems.

Customers are advised to remain vigilant. Although there have been no reports of misuse of the compromised data, there is a possibility of receiving fraudulent emails requesting payments under the guise of incomplete bookings or failed transactions. Centerparks emphasizes that it will never ask for payment links via email. Customers with existing bookings are encouraged to verify their account status through the official Centerparks website or the MyCP mobile application.

Any suspicious payment requests, especially those containing bank account information, should be disregarded. Customers should instead check their MyCP accounts to confirm any outstanding balances.

This incident highlights the growing frequency of data breaches. Recently, another incident at Numa, a hospitality service, revealed a complete database of customer information.