Otelier

What Happened

In July 2024, a threat actor gained access to the hotel management platform Otelier and retrieved customer data from well-known hotel brands including Marriott, Hilton, and Hyatt. The data included 437k customer email addresses (a further 868k generated email addresses from the booking.com and Expedia platforms were not loaded into HIBP), names, physical addresses, phone numbers, booking information related to travel plans, purchases recorded by the platform and in a small number of cases, partial credit card data.

Compromised Data

Email addresses
Names
Partial credit card data
Phone numbers
Physical addresses
Purchases
Travel plans

Recommended Actions

Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura
Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password

Breach Overview

  • Affected Accounts:

    436.9 thousand

  • Breach Occurred:

    July 2024

  • Added to HIBP:

    18 Jan 2025

  • Attribution:

    ayame@xmpp.jp

Recommended Actions

Change Your Password

If you haven't changed your Otelier password since 2024, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password
Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura