I'm sure Airbnb will be notifying hosts about this security breach as quickly as possible- most of this can be verified online and is starting to make headlines.
It appears that Airbnb host accounts may be at risk. I suggest all hosts change their passwords and verify notifications are set to ON.
Here's what happened to me at 8:30 this morning; I caught an unauthorized change to my payout account- one notification from Airbnb came through via text, then instantly about 150+ random spam text messages and emails followed. This is a professional attempt to bury the one alert notification that you'll receive.
I knew what this meant. I immediately went to my computer and logged into my email and my Airbnb account & saw that they'd changed my payout method, changed my payout address, and set all my notification settings to "OFF."
They did not change my password.
My account password was a 15-digit, unique password with symbols, numbers, & varying cases, and they're never reused, duplicated, or modified- they're completely unique to every account I have.
This scenario means that the hack came from the Airbnb system, and not from having my account info leaked. This wasn't a single, individual's hack. This is the result of a major Airbnb security breach.
HERE'S the resulting problem:
The host system ALSO HOLDS hosts' tax info (full legal name, social security number), a copy of the drivers license (photo id, full legal name, home address, & DATE OF BIRTH), your banking info, your credit card info, and your connected social media logins, as well as whatever public facing data you share on your profile.
This is a major security breach, and I'm sure they'll be notifying hosts as quickly as possible.
I recommend changing your password and checking your notification settings. Since my info was changed by the hackers, I have also cancelled the credit card that Airbnb has on file, and I've frozen my credit with the three main credit bureaus.