Banking industry sources tell KrebsOnSecurity that the Trump Hotel Collection — a string of luxury properties tied to business magnate and Republican presidential candidate Donald Trump — appears to be dealing with another breach of its credit card systems. If confirmed, this would be the second such breach at the Trump properties in less than a year.
Trump International Hotel in New York.
A representative from Trump Hotels said the organization was investigating the claims.
“We are in the midst of a thorough investigation on this matter,” the company said in a written statement. “We are committed to safeguarding all guests’ personal information and will continue to do so vigilantly.”
KrebsOnSecurity reached out to the Trump organization after hearing from three sources in the financial sector who said they’ve noticed a pattern of fraud on customer credit cards which suggests that hackers have breached credit card systems at some — if not all — of the Trump Hotel Collection properties.
On July 1, 2015, this publication was the first to report that banks suspected a breach at Trump properties. After that story ran, Trump Hotel Collection acknowledged being alerted about suspicious activity tied to accounts that were recently used at its hotels. But it didn’t officially confirm that its payment systems had been infected with card-stealing malware until October 2015.
The Trump Hotel Collection includes more than a dozen properties globally. Sources said they noticed a pattern of fraud on cards that were all used at multiple Trump hotel locations in the past two to three months, including at Trump International Hotel New York, Trump Hotel Waikiki in Honolulu, and the Trump International Hotel & Tower in Toronto.
The hospitality industry has been hit hard by card breaches over the past two years. In April 2014, hotel franchising firm White Lodging confirmed its second card breach in a year. Card thieves also have hit Hilton, Hyatt, and Starwood properties. In many of those breaches, the hacked systems were located inside of hotel restaurants and gift shops.
Like most other current presidential candidates, Mr. Trump has offered little in the way of a policy playbook on cybersecurity. But in statements last month, Trump bashed the United States as “obsolete” on cybersecurity, and suggested the country is being “toyed with” by adversaries from China, Russia and elsewhere.
“We’re so obsolete in cyber,” Trump told The New York Times. “We’re the ones that sort of were very much involved with the creation, but we’re so obsolete.” Trump was critical of the US military’s cyber prowess, charging the Defense Department and the military are “going backwards” in cyber while “other countries are moving forward at a much more rapid pace.”
“We are frankly not being led very well in terms of the protection of this country,” Trump said.
Excellent Insight! It seems he didn’t learn from the first breach.
It is unfortunate that Trump’s hotel chain was damaged by a breach, it is also unfortunate if it was hit again. I however though do not think that you can hold Trump responsible or associate him with direct knowledge of any of the POS systems, of how the hotel chains are run or how the CIO is running that portion of the company. To me that is like saying Bill Gates is directly responsible for the products coming from Microsoft. Neither individual is engaged in the day to day activities of their employees.
First off Let me tell this to you Brian. You are the MOST funniest guy I have ever met. F##k off about posting leaked stuff on about our darknet sites. Mess with me I dare you. We already have a dox going on you. Leave what you don’t know, unless u want this to end badly. (With a f#%@* shot to your head). You have been warned.
I’m sure your threats sound much more menacing in your native tongue but in English, it come off as comical. I’m sorry you need to battle stray animals for your food but don’t be upset with the author for calling you out on your “darknet” silliness.
I’m just enjoying the wit of the posters here. Kudos, all.