
Otelier
What Happened
In July 2024, a threat actor gained access to the hotel management platform Otelier and retrieved customer data from well-known hotel brands including Marriott, Hilton, and Hyatt. The data included 437k customer email addresses (a further 868k generated email addresses from the booking.com and Expedia platforms were not loaded into HIBP), names, physical addresses, phone numbers, booking information related to travel plans, purchases recorded by the platform and in a small number of cases, partial credit card data. The data was provided to HIBP by a source who requested it be attributed to "ayame@xmpp.jp".
Compromised Data
Recommended Actions
Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.
Try 1PasswordBreach Overview
-
Affected Accounts:
436.9 thousand
-
Breach Occurred:
July 2024
-
Added to HIBP:
18 Jan 2025
Recommended Actions
Change Your Password
If you haven't changed your Otelier password since 2024, do so immediately.
Enable Two-Factor Authentication
Add an extra layer of security to your account.