#CyberWeekly
Your booking details became the bait: a hotel data breach turns into euro-draining phishing
Hundreds of Flemish hotel guests were scammed this week after a data breach exposed hotel reservation details across Belgian and Dutch hotels. Criminals used the real booking information to send convincing "pay now or lose your room" messages, and some guests lost thousands of euros.
- What happened: reservation data was stolen and used for targeted phishing. Guests get a WhatsApp or email message demanding payment "within 11 hours or your booking is cancelled," quoting their real name, dates and hotel. A hotel manager on the Belgian coast told Het Laatste Nieuws that some guests lost thousands, depending on the length of their stay
- The tell that almost was not there: guests who booked by phone were not targeted. The common thread is the online reservation system the affected hotels share, built by a Ghent software company, which says it has found no evidence its own systems were accessed. Wherever the leak sits, the data was real and the scam worked
- Why it lands: the data did not have to leak from a hotel's own systems for that hotel's guests to be robbed. A breach somewhere in the booking supply chain became a hyper-personalised scam. Correct details are not proof of a legitimate message
- What to do: Belgium's Safeonweb has a standing warning about exactly this scam, and its advice holds. Never pay through a link in an unexpected message; if unsure, contact the accommodation using only details you already had (not the ones in the suspicious message); and forward suspect messages to suspect@safeonweb.be
For managed service providers (MSPs), the lesson is blunt: your client's data does not have to leak from their systems to burn them. A vendor's breach becomes your client's phishing problem. Train staff that a correct booking reference proves nothing, and to pay only through channels they already trusted. Our phishing guide and supplier-security guide are the plain-language versions.
Platform Spotlight: we put our full pricing in the open
Most NIS2 compliance tools hide their price behind a "contact sales" button. We just published ours in full: every tier, every per-client bracket, on one page, with no form and no sales call to see a number.
- The whole table is public. Starter through Enterprise, the monthly base for each tier, and the per-client fee by client size. You can compare us against anyone without booking a meeting first
- Why we did it. Our promise is that compliance should be easy, and that starts before you sign up. If you have to schedule a call just to learn the price, that is friction we would rather remove
- It covers the real cost, not just the sticker. The page walks through total cost of ownership: the licence is rarely the biggest cost, your own internal time is, plus a separate audit fee if you choose to certify
- Bonus this week: accessibility improvements across 16 pages of the app, with better keyboard navigation and screen-reader support, so the workspace works for everyone on your team
Transparent pricing is part of the product, not a marketing afterthought. See the full breakdown and decide for yourself.
CCB patch watch: an actively exploited firewall VPN and a wide-open phone system
The Centre for Cybersecurity Belgium flagged a cluster of critical fixes around 1 June. Two matter most for Belgian small and medium-sized enterprises (SMEs): a Palo Alto VPN flaw already under active attack, and a FreePBX phone-system bug a stranger can walk straight into.
- Palo Alto PAN-OS GlobalProtect: CVE-2026-0257 (severity 7.8), actively exploited. An authentication bypass that lets attackers open unauthorised virtual private network (VPN) connections into your internal network. CCB issued a "patch immediately" advisory on 1 June; the United States' CISA set the same day as its fix deadline, and exploitation was traced back to mid-May. Plenty of Belgian SMEs sit behind a Palo Alto firewall their MSP manages. Patch it now
- FreePBX control panel: CVE-2026-46376 (severity 9.1). Hard-coded credentials let a remote, unauthenticated attacker into the portal. CCB advisory dated 1 June; fixed in FreePBX 16.0.45 and 17.0.7. Many small Belgian firms run a FreePBX or Asterisk phone system that was installed once and then forgotten, which is a real toll-fraud and eavesdropping risk
- Also flagged the same week: critical fixes for the Progress Sitefinity content system (3 June) and multiple Oracle products (29 May). None of this is a one-off; a wave like it lands every single week
This weekly rhythm is exactly what patch management turns into a calendar instead of a fire drill. "When did we last patch the firewall and the phone system?" is this week's question to put to every client. Our patch-management guide is the version you can hand straight to them.