Cloud Threat Landscape
  • Incidents
  • Actors
  • Techniques
  • Defenses
  • Tools
  • Targeted Technologies
  • Posters & Newspapers
  • About
  • RSS
  • STIX
  • Back to wiz.io
Cloud Threat Landscape
/Incidents
Incidents
/
Otelier data breach

Otelier data breach

Type
Incident
Actors
❓Unknown
Pub. date
January 17, 2025
Initial access
End-user compromise
Impact
Data exfiltration
Observed techniques
Credential compromise via Infostealer infection
Targeted technologies
Jira Server
References
https://www.bleepingcomputer.com/news/security/otelier-data-breach-exposes-info-hotel-reservations-of-millions/
Status
Finalized
Last edited
Jan 19, 2025 8:08 PM

An Otelier employee's workstation was infected with an infostealer, leading to compromise of their Jira credentials. The threat actor abused these to gain access to the Jira server, which contained additional credentials granting access to S3 buckets, which contained various documents.

Made with 💙 by Wiz

Last Updated: April 3, 2025