Exposed: Cancún Tourists’ Personal Info Leaked in Major Cyber Attack

The security of thousands of tourists who have visited Cancún has been compromised due to a large-scale cyber attack. The breach affected both domestic and international visitors who have traveled to the popular destination in recent years.

Haven Resorts, a hotel group with properties in Quintana Roo, was among the entities breached. Other luxury hotel groups were also affected, alongside travel agencies including Despegar.com, Agoda Company, Expedia, and OTS Open. These companies, along with various intermediaries that handle hotel payments and reservations in the Mexican Caribbean, had their records exposed in the leak.

More than 24,000 hotel reservations were compromised in the breach, revealing personal, banking, and transactional information of guests. The leaked data, now available on the dark web, could potentially be used by cybercriminals for financial fraud, identity theft, and phishing campaigns.

The exposed information includes full names, email addresses, phone numbers, home addresses, travel itineraries, and partial credit card details. This breach poses a significant risk of bank fraud and identity theft. The compromised reservations range from 2022 to 2025, and the leak reportedly occurred on March 11. Not only were guests affected, but also hotel chain employees, as the leaked documents included employment contracts with personal information.

Cyber attacks have become increasingly sophisticated in recent years. The Cybersecurity Report 2025 by the Center for Cyber Intelligence (CCI) of Entel Digital reports that organized cybercrime increased by 30% during 2024. This surge is largely due to the use of Artificial Intelligence (AI) for executing larger, more targeted attacks, and the rise of Ransomware-as-a-Service (RaaS) platforms.

RaaS has emerged as the primary threat in Latin America and the Caribbean, accounting for 38% of all cyber attacks in the region in 2024. Brazil led the incidents with 46% of the cases, followed by Mexico (17%), Argentina (10%), and Chile (7%). The exploitation of "unpatched" vulnerabilities, lack of mitigation strategies, system updates, and incident response protocols have been key factors in the spread of RaaS.

The economic impact of cybercrime has also significantly increased. In 2024, the average cost of post-ransomware recovery reached $3 million, while the cost of a data breach increased from $4.45 million in 2023 to $4.88 million in 2024.

The nature of attacks has evolved as well, with a 61% increase in incidents targeting cloud services. Data security breaches (21%), misuse of cloud services (17%), and configuration errors (12%) were the main vulnerabilities, highlighting the need for a robust security strategy.