{"id":37165,"date":"2020-09-16T15:27:46","date_gmt":"2020-09-16T15:27:46","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31579\/Accidental-Airbnb-Account-Takeover-Linked-To-Recycled-Phone-Numbers.html"},"modified":"2020-09-16T15:27:46","modified_gmt":"2020-09-16T15:27:46","slug":"accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/","title":{"rendered":"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers"},"content":{"rendered":"
\n
Airbnb CEO Brian Chesky takes the stage at a 2016 entrepreneurship event. Airbnb claims it has resolved a privacy flaw involving recycled phone numbers and new account sign-ups. (Kurt Krieger\/Corbis via Getty Images)<\/figcaption><\/figure>\n

It\u2019s a flaw that can result in account takeover, credit card theft and privacy leaks, and yet it has gone unaddressed for years on certain websites and online apps.<\/p>\n

The scenario works like this: A mobile device owner attempts to register an account on a website or web app, using a phone number that was recently assigned to him by a telecom carrier. But that phone number previously belonged to a different phone owner who at one time also signed up for the same web service. Instead of creating a new account, the new device owner instead is logged into the account of the phone number\u2019s original owner.<\/p>\n

\u201cIt\u2019s probably one of the oldest vulnerabilities with regards to mobile phone numbers\u2026 and identity,\u201d said Marc Rogers, executive director of cybersecurity at Okta.<\/p>\n

It\u2019s almost as if the new device owner has pulled off a SIM swap scam \u2013 only there was no intent of deception. Nobody tricked the wireless carrier into reassigning a victim\u2019s phone number to another device. It just happened by chance.<\/p>\n

Still, a less ethical person might take advantage of the situation by perusing the stranger\u2019s online account for their payment card information or personal details. This is what compelled one concerned citizen to contact SC Media last week after her husband encountered this very flaw while registering an account with online vacation rental marketplace Airbnb.<\/p>\n

\u201cWhen we went to the Airbnb site to sign up, the site gave us a few options to register as a new user. The first option on the list is by phone number,\u201d the tipster, who wishes to remain anonymous, reported. \u201cSo we went ahead and typed in my husband\u2019s phone number \u2013 which he obtained last May, not too long ago.\u201d<\/p>\n

Her husband then was sent a four-digit verification code to enter the site, and \u201cboom! We were logged in to another user\u2019s account,\u201d she said.<\/p>\n

That account belongs to a stranger whose valid credit card information, email address, phone number and other personal details were all accessible to the tipster and her husband \u2013 apparently all because the stranger had previously owned the husband\u2019s phone number.<\/p>\n

When SC Media contacted Airbnb last Friday regarding the complaint, a spokesperson said the company would address the issue and on Tuesday followed up with a statement: \u201cWe\u2019ve developed a resolution for the reported issue involving recycled phone numbers and new account sign ups, which fortunately only affected a very small number of our users. We are constantly evaluating and improving our protections and are committed to strengthening the security controls of our platform.\u201d<\/p>\n

But the tipster disagreed and said the problem was not resolved. She said she determined this not by logging into the stranger\u2019s account again, but by attempting to sign up for a new Airbnb account using her own phone number (not her husband\u2019s), even though she already had an account registered with that number. Instead of creating a new account, she was logged in to her own previously existing account, she told SC Media.<\/p>\n

Moreover, she said she never received any alerts from Airbnb notifying her of this anomalous account login activity \u2013 and therefore concluded that the stranger whose account was accidentally hijacked probably never did either. <\/p>\n

The tipster sent SC Media numerous screenshots of the Airbnb website as evidence of this accidental account takeover as well as images of her chat activity with Airbnb online support. At one point, the support team member tells the tipster that the only way for the husband to create his own account is to register with a different phone number, apparently because his own number was still associated with the stranger\u2019s account.<\/p>\n

As it turns out, websites and apps have experienced this commonplace problem for years.<\/p>\n

\n
Marc Rogers, executive director of cybersecurity at Okta. (Kimberly White\/Getty Images for TechCrunch)<\/figcaption><\/figure>\n<\/div>\n

\u201cPhone numbers are recycled more frequently than before, especially with the explosion of new devices that require SIM cards,\u201d Rogers explained. <\/p>\n

Telecom companies try to avoid problems associated with recycling disowned numbers by taking those numbers out of service for a period of time before recycling them. (The FCC requires a minimum of 90 days.) However, this is not a panacea, and so it is advisable that website and web app developers \u2013 along with web account owners \u2013 follow best practices to help alleviate the issue.<\/p>\n

Many don\u2019t, though. Indeed, messaging service WhatsApp has reportedly also experienced the same problem<\/a> of logging individuals with recycled phone numbers into other people\u2019s accounts.<\/p>\n

In certain cases, website or app operators could find themselves in violation of GDPR or Payment Card Industry data security standards if users\u2019 information were to be exposed, Rogers said.<\/p>\n

Best practices for developers, users<\/strong><\/p>\n

For starters, web and app developers should freeze accounts after a period of inactivity. That way, entering a reused phone number months after an account goes dormant can\u2019t just automatically revive it.<\/p>\n

\u201cBest practice dictates that if you have a user account go silent for more than a set amount of time \u2013 especially an account that\u2019s associated with payment details \u2013 you should lock it,\u201d said Rogers, \u201cbecause that user has gone away.\u201d<\/p>\n

\u201cAt the very least, if the user appears to come back, force them to go through a re-registration process to prove that they\u2019re same person,\u201d Rogers continued. \u201cBut this isn\u2019t happening in some cases, and there are quite a few high-profile applications out there that hang on to users\u2019 information, almost indefinitely.\u201d<\/p>\n

In the case presented by the tipster, it\u2019s unclear whether or not the stranger whose account was accidentally accessed is still actively using her Airbnb account, despite no longer using the phone number she originally registered it with. If she has been actively using her account, then Rogers\u2019 suggestion for Airbnb to lock down dormant accounts wouldn\u2019t alone have prevented the accidental account takeover.<\/p>\n

Still, there is more even companies like Airbnb can do. Namely, they can add a second factor of authentication when registering or re-registering for an online web service. \u201cIt should ask for additional information, especially when viewing things like financial payment systems,\u201d said Rogers. Simple proof that you physically possess the phone isn\u2019t sufficient in the situation presented by the tipster: \u201cWell, of course<\/em> you\u2019re in possession of the phone,\u201d said Rogers. After all, the phone number was assigned to you.<\/p>\n

Proactive login alerts that inform account-holders when anomalous new login activity is taking place could also prove to be a useful security measure to warn of possible account takeovers before any damage is done.<\/p>\n

An example of a company following best practices, said Rogers, is the messaging app Signal. If Signal users swap phones or change numbers on a phone, they start with an empty message history when they reinstall the app.<\/p>\n

There is also an onus on individual account owners to change their online account details or even deactivate their accounts if they plan to drop or switching phone numbers, said Rogers. This is also potentially an important lesson for businesses, which sometimes provision and re-provision corporate-owned mobile devices to multiple employees who may go on to use those devices to register for online accounts.<\/p>\n

\u201cThe same problem exists with mobile phones that you buy secondhand on eBay,\u201d said Rogers, noting that he\u2019s \u201cpicked up secondhand phones and found sensitive user information on them, even valid session IDs from major accounts.\u201d<\/p>\n

\n
Photo illustration: A man regards the Airbnb website. (Yuriko Nakao\/Getty Images)<\/figcaption><\/figure>\n<\/div>\n

Better customer service on Airbnb\u2019s part could have also helped the tipster, who was frustrated by multiple misunderstandings while talking to a customer support agent. At one point, the representative mistakenly thought the tipster was asking if she could complete a third-party booking. Then later, the rep incorrectly addressed the tipster by the wrong name, using the name of the stranger whose account was accidentally hijacked.<\/p>\n

While Rogers wasn\u2019t surprised to learn of this issue, he did express puzzlement as to why developers continue to tussle with this vulnerability.<\/p>\n

\u201cWe\u2019ve known about this problem for at least 20 years. And there are plenty of apps out there that do design securely to make sure that their apps have privacy by design,\u201d said Rogers. \u201cSo I would say there\u2019s largely no excuse for the apps that don\u2019t do this.\u201d<\/p>\n<\/p><\/div>\n

\n

Topics:<\/h2>\n

Privacy<\/a> Privacy & Compliance<\/a> Vulnerabilities<\/a> Web Security<\/a> <\/section>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":37166,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[8931],"class_list":["post-37165","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerphonepassword"],"yoast_head":"\nAccidental Airbnb Account Takeover Linked To Recycled Phone Numbers 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-16T15:27:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"614\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers\",\"datePublished\":\"2020-09-16T15:27:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/\"},\"wordCount\":1460,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg\",\"keywords\":[\"headline,hacker,phone,password\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/\",\"name\":\"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg\",\"datePublished\":\"2020-09-16T15:27:46+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg\",\"width\":1024,\"height\":614},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,phone,password\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerphonepassword\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/","og_locale":"en_US","og_type":"article","og_title":"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-09-16T15:27:46+00:00","og_image":[{"width":1024,"height":614,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers","datePublished":"2020-09-16T15:27:46+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/"},"wordCount":1460,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg","keywords":["headline,hacker,phone,password"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/","url":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/","name":"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg","datePublished":"2020-09-16T15:27:46+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/09\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers.jpg","width":1024,"height":614},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/accidental-airbnb-account-takeover-linked-to-recycled-phone-numbers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,phone,password","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerphonepassword\/"},{"@type":"ListItem","position":3,"name":"Accidental Airbnb Account Takeover Linked To Recycled Phone Numbers"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37165","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=37165"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37165\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/37166"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=37165"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=37165"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=37165"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}