Otelier data breach overview:
- Who: Hotel management platform Otelier reportedly experienced a data breach.
- Why: The breach reportedly exposed hotel guest reservations and other sensitive data for several high-profile hotel chains, including Marriott and Hilton.
- Where: The hotel hack affected hotel chains across the U.S. and around the world.
A data breach at hotel management platform Otelier has reportedly exposed sensitive customer data from high-profile hotel chains, including Marriott and Hilton.
The bad actors behind the data breach told BleepingComputer they were able to breach Otelier by using infostealer software to snag Atlassian login credentials from an Otelier employee, reports TechRadar.
Otelier is a hotel management platform reportedly used by more than 10,000 hotels around the globe, including both independent properties and leading brands such as Hyatt, Wyndham and others.
The hackers, meanwhile, told BleepingComputer they were able to scrape tickets and data in Otelier’s system during the hotel hack that allowed them to obtain credentials for an Amazon Web Services (AWS) data storage container known as an S3 bucket, reports TechRadar.
Marriott reportedly said the bad actors initially tried to extort the popular hotel chain, believing it owned the stolen data.
Hackers claim to have exfiltrated 7.8TB of data during Otelier data breach
The bad actors reportedly said they were able to exfiltrate 7.8TB of data — including “millions of documents belonging to Marriott” — during the hotel hack, after obtaining the credentials for the AWS S3 bucket
Information exposed in the data breach included hotel reports, shift audits and accounting data, among other things, reports TechRadar.
A sample of the stolen data reportedly apparently included hotel guest reservations, employee emails, transaction information and other internal data.
Otelier said hundreds of thousands of email addresses were exposed in the data breach in total; in some cases, the bad actors obtained hotel guests’ names, addresses, phone numbers and email addresses, reports TechRadar.
Otelier reportedly told BleepingComputer it hired a team of cybersecurity experts to analyze and validate its systems in the wake of the hotel hack, and that a subsequent investigation found the unauthorized access “was terminated.”
In other data breach news, the Country Inn & Suites Radisson hotel chain reportedly suffered an alleged data breach last year that may have exposed the personal information of thousands of Radisson customers.
Are you affected by the Otelier data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
156 thoughts onMarriott, Hilton hotels exposed in Otelier data breach
I don’t know if I’m affected or not but i have stayed at the Hilton Hotel while on vacation and still have rewards points.
I wish to be added to your list! Between my husband’s business travels over the years; family vacations we took using hotels for overnight stays & suites to stay in for almost a week; having our wedding reception at a hotel (Embassy Suites) & booking a block of rooms for our guests; and finally to booking a room to stay the night after a wedding reception. I could list all the hotels between me & my husband! So again, place me on your list!!
yes, please add me as i frequently stay at these hotels and I have had fraud that has affected my life.
Please add me. I stay at Hilton Hotels for all of my business trips.
Please add me , we’ve been and I don’t know if we were affected or not
Please add me, I have stayed at several of these hotels before
I am sadly most certainly impacted by this as a very long term Hilton client, staying at their locations across the nation for both business and personal travel. So sad and disappointing that the very best of companies can be so lax with their security. We all know how ‘bad actors’ have proliferated, and these days, you must employ top notch cyber security departments and personnel and stay very diligent. You have to train, train, train your employees on evasive measures, and do what’s right. NO EXCUSES anymore! Even my grandma would know this if she was still alive.
please add me. I have stayed at many of these hotels for years
Please add me
Add me
march 4 2025 add me