The Japan Tourism Agency has instructed the international travel reservation service, Booking.com, to alert users to incidences of credit card fraud on its website.
Agency officials say they have confirmed that hackers infiltrated the website and stole the credit card details of people who had booked accommodations.
They say Booking.com's office in Japan responded on Sunday to an inquiry by the agency. Booking.com has its head office in the Netherlands.
The officials say the company reported that the perpetrators send e-mails to hotels pretending to be a traveler, then somehow steal IDs and passwords for the booking site.
The stolen ID is then thought to be used to access the site's systems to identify people with reservations. Then the hackers send fraudulent messages to those people saying they have to settle their accounts in advance.
The company says incidences have been reported around the world and it is still confirming the exact number of cases.
Tourism minister Saito Tetsuo told reporters on Tuesday that his agency has instructed the company to warn users to prevent the problem from spreading. He said industry groups have also been informed.