Here’s the American English translation of the provided text:
The hotel management platform Otelier, used by over 10,000 hotels worldwide, has fallen victim to a massive cyberattack that exposed sensitive reservation information and personal data of millions of guests. This incident affects major chains such as Marriott, Hilton, and Hyatt, whose operations partially rely on this cloud-based technology solution.
The Attack and Its Consequences
The incident, which took place between July and October 2024, allowed attackers to access nearly 8 terabytes of data stored on Amazon’s S3 servers used by Otelier. According to information confirmed by the company, the cybercriminals exploited stolen credentials through malware to initially infiltrate an Atlassian server. This enabled them to collect additional information, including that which gave them full access to the S3 containers.
Among the exposed data are operational reports, audits, financial transactions, and reservation details. According to Troy Hunt, a cybersecurity expert, the records include up to 39 million rows of reservation-related data and a user table with 212 million entries, although only 1.3 million unique email addresses were detected due to duplicates.
Compromised Information and Risks
Compromised information includes:
- Guest names.
- Email addresses and phone numbers.
- Physical addresses.
- Details related to reservations, such as stay dates.
While no passwords or payment data were detected in the breach, experts warn that this information could be used in targeted phishing attacks or to commit identity fraud.
Otelier’s Response and Affected Hotels
After detecting the attack, Otelier suspended access for the compromised accounts and hired cybersecurity experts to conduct a thorough forensic analysis. In a statement, the company noted: “We are working with specialists to strengthen our systems and prevent future incidents.”
Marriott, one of the most affected chains, confirmed that its systems were not directly compromised, but it suspended automated services provided by Otelier until the investigation is resolved. A spokesperson stated: “We immediately contacted Otelier upon learning of the incident and have taken additional steps to protect our guests.”
Hyatt and Hilton, also mentioned in the attack, have not issued comments on the matter.
Extortion and Actions of the Attackers
The cybercriminals attempted to extort Marriott, believing that the data in the S3 containers belonged directly to the hotel chain. However, their attempts were in vain after Otelier updated the credentials in September, blocking the attackers’ access.
Recommendations for Users
In light of this attack, users should be vigilant against potential fraud attempts. It is recommended to:
- Verify suspicious emails that attempt to impersonate hotel chains.
- Avoid clicking on unknown links or providing personal information without confirming the authenticity of the sender.
- Check if your email address has been exposed using tools like Have I Been Pwned.
A Call to Strengthen Cybersecurity in the Sector
The cyberattack on Otelier highlights the vulnerability of cloud management platforms, especially in an industry that handles large volumes of personal and financial data. Incidents like this underscore the need for more robust investments in cybersecurity to prevent future attacks and maintain the trust of both businesses and their customers.
The impact of this breach not only affects the reputation of the involved brands but also raises questions about how to ensure security in an increasingly digitalized ecosystem.
via: Security News