Published: Thu, July 13, 2017
Economy | By Melissa Porter

Hackers stole guests' credit card numbers from Trump Hotels for months

Hackers stole guests' credit card numbers from Trump Hotels for months

Hackers had access to credit card details and other personal information of guests at 14 Trump properties in 2016 in a months-long security breach, Trump Hotels revealed on Tuesday (11 July).

The current breach took place at the Sabrea Hospitality Solutions, which is a reservation service used by the Trump Hotels. Despite the Soho listing, Trump Hotels and Sabre assert that the first breach was August 10, 2016, and the last was March 9, 2017. Cardholder names, card numbers, expiration dates and potentially card security codes were accessed, and in some cases guest names, emails, phone numbers, addresses and other information were also accessed. (Or just cancel them outright; most banks will replace credit cards at no cost if there are security concerns.) The Trump Hotels organization also recommends that users obtain a credit report, and report fraud if they see anything untoward. It added that the cyberattack did not affect Trump Hotels' systems.

This is the third time the luxury hotel chain has been the victim of a data breach.

A second attack occurred over a year later, when an attacker installed malware on 39 systems affecting five Trump hotels in November 2015.

Trump Hotels was notified that its customers were affected by the incident at the start of June. What is known, however, is that more and more hospitality chains are now announcing that customers have been impacted and the breach of their consumers' personal financial information is damaging to both the customers and to the brands they've come to trust.

Singer posited that the Trump hotel chain was more prone to attack than ever before given President Donald Trump's stature on the national stage and the number of influential targets staying at Trump properties, including lawmakers, lobbyists and foreign dignitaries.

The attack comes less than a year after Trump International Hotels Management paid $50,000 in penalties to ny state for failing to notify customers immediately of an earlier data breach.

Within the past two weeks, Four Seasons Hotels and Resorts, Hard Rock Hotels & Casinos, Loews Hotels, Carlson Wagonlit Travel used by some Google employees (pdf) and now Trump Hotels started notifying customers of the data breach. The breach included names and Social Security numbers of more than 300 people.

Like this: