Eight months ago, I booked an Airbnb on my new iPhone. The confirmation congratulated someone called Rachel on the booking.

I realised Airbnb tech had somehow logged me in to a stranger’s account using my new work phone number and my Face ID. Airbnb later told me the phone number had been recycled and was previously owned by “Rachel”. No payment had been taken and I immediately cancelled the reservation and booked a different property.

Two weeks later, Airbnb took around £500 from my PayPal account for this “Rachel” booking. Airbnb keeps saying that I had passed my account details to a friend or relative who had legitimately made the booking, or that the refund has been sent. However, no money has appeared.

JM, London

Airbnb’s response to this abysmal experience is disingenuous. “We immediately secured this account when the matter was first brought to our attention over seven months ago,” it says. “This type of issue is very rare and we have provided a full refund to the guest.”

No mention of the eight months’ wait and the eventual press prod to get your money back. Only when I questioned its response did it admit its service had fallen short.

I wonder how rare this occurrence really is if Airbnb automatically logs customers in using only a phone number. And how your debit card came to be associated with the stranger’s account. Airbnb did not wish to enlighten me.

What it did say is that it “supports” users to remove disused phone numbers from previous accounts and offers “multi-factor authentication”.

Your experience suggests it doesn’t try hard enough.

Email your.problems@observer.co.uk. Include an address and phone number. Submission and publication are subject to our terms and conditions