Comparison Overview

Booking Holdings (NASDAQ: BKNG)

VS

The Death Star

Booking Holdings (NASDAQ: BKNG)

800 Connecticut Avenue, Norwalk, 06854, US
Last Update: 2026-04-02
View Profile
Between 800 and 849
http://www.bookingholdings.com

Booking Holdings is the world’s leading provider of online travel & related services, provided to consumers and local partners in more than 220 countries and territories through six primary consumer-facing brands: Booking.com, Priceline, Agoda, Rentalcars.com, KAYAK and OpenTable. Collectively, Booking Holdings operates in more than 40 languages across Europe, North America, South America, the Asia-Pacific region, the Middle East and Africa. The mission of Booking Holdings is to make it easier for everyone to experience the world.

NAICS: 513
NAICS Definition: Others
Employees: 17,812
Subsidiaries: 6
12-month incidents
0
Known data breaches
1
Attack type number
2
View Profile

The Death Star

BN
Last Update: 2026-03-28
Between 800 and 849
http://www.starwars.com

The mission of the Death Star is to keep the local systems "in line". As we have recently dissolved our Board of Directors, there is little resistance to our larger goal of universal domination. Our Stormtroopers are excellent shots and operate with our Navy, and are fielded like marines - separate from our army.

NAICS: 513
NAICS Definition: Others
Employees: 117
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/bookingholdings.jpeg
Booking Holdings (NASDAQ: BKNG)
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/the-death-star.jpeg
The Death Star
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Booking Holdings (NASDAQ: BKNG)
100%
Compliance Rate
0/4 Standards Verified
The Death Star
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Technology, Information and Internet Industry Average (This Year)

No incidents recorded for Booking Holdings (NASDAQ: BKNG) in 2026.

Incidents vs Technology, Information and Internet Industry Average (This Year)

No incidents recorded for The Death Star in 2026.

Incident History — Booking Holdings (NASDAQ: BKNG) (X = Date, Y = Severity)

Booking Holdings (NASDAQ: BKNG) cyber incidents detection timeline including parent company and subsidiaries

Incident History — The Death Star (X = Date, Y = Severity)

The Death Star cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/bookingholdings.jpeg
Booking Holdings (NASDAQ: BKNG)
Incidents

Date Detected: 6/2025
Type:Cyber Attack
Attack Vector: Mass-phishing, Infostealer trojans
Motivation: Financial gain
Blog: Blog

Date Detected: 4/2025
Type:Cyber Attack
Attack Vector: compromised email accounts, phishing links, fake reCAPTCHA challenge, malware download (PureRAT), personalized WhatsApp messages, fake Booking/Expedia websites
Motivation: financial gain, data theft, fraudulent transactions
Blog: Blog

Date Detected: 2/2025
Type:Cyber Attack
Attack Vector: malicious domain registration, social engineering, phishing emails/websites
Motivation: financial gain, theft of payment details
Blog: Blog
https://images.rankiteo.com/companyimages/the-death-star.jpeg
The Death Star
Incidents

No Incident

FAQ

Booking Holdings (NASDAQ: BKNG) company demonstrates a stronger AI Cybersecurity Score compared to The Death Star company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Booking Holdings (NASDAQ: BKNG) company has historically faced a number of disclosed cyber incidents, whereas The Death Star company has not reported any.

In the current year, The Death Star company and Booking Holdings (NASDAQ: BKNG) company have not reported any cyber incidents.

Neither The Death Star company nor Booking Holdings (NASDAQ: BKNG) company has reported experiencing a ransomware attack publicly.

Booking Holdings (NASDAQ: BKNG) company has disclosed at least one data breach, while the other The Death Star company has not reported such incidents publicly.

Booking Holdings (NASDAQ: BKNG) company has reported targeted cyberattacks, while The Death Star company has not reported such incidents publicly.

Neither Booking Holdings (NASDAQ: BKNG) company nor The Death Star company has reported experiencing or disclosing vulnerabilities publicly.

Neither Booking Holdings (NASDAQ: BKNG) nor The Death Star holds any compliance certifications.

Neither company holds any compliance certifications.

Booking Holdings (NASDAQ: BKNG) company has more subsidiaries worldwide compared to The Death Star company.

Booking Holdings (NASDAQ: BKNG) company employs more people globally than The Death Star company, reflecting its scale as a Technology, Information and Internet.

Neither Booking Holdings (NASDAQ: BKNG) nor The Death Star holds SOC 2 Type 1 certification.

Neither Booking Holdings (NASDAQ: BKNG) nor The Death Star holds SOC 2 Type 2 certification.

Neither Booking Holdings (NASDAQ: BKNG) nor The Death Star holds ISO 27001 certification.

Neither Booking Holdings (NASDAQ: BKNG) nor The Death Star holds PCI DSS certification.

Neither Booking Holdings (NASDAQ: BKNG) nor The Death Star holds HIPAA certification.

Neither Booking Holdings (NASDAQ: BKNG) nor The Death Star holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References