Summary: Otelier, a hotel management platform, experienced a significant data breach after threat actors accessed its Amazon S3 cloud storage, compromising millions of guests’ personal information and reservations from major hotel brands. The breach, which began in July 2024 and continued through October, involved the theft of approximately 7.8 terabytes of data, including sensitive information from Marriott, Hilton, and Hyatt. Otelier is currently working with cybersecurity experts to enhance its security measures and communicate with affected customers.

Threat Actor: Unknown | unknown
Victim: Otelier | Otelier

Keypoints :

• The breach was facilitated by stolen credentials obtained through information-stealing malware.
• Data stolen includes hotel guest reservations, personal information, and internal documents from major hotel brands.
• While passwords and billing information were not compromised, the exposed data could lead to targeted phishing attacks.