Skip to main content

Trump hotel chain confirms year-long data hack

trump tower cloudy
Trump Tower, Chicago Andrew Seaman/Flickr
The Trump hotel chain has confirmed a data security breach involving malware that the company says was on its payment systems for just over a year.

First reported last week and confirmed by the business on Monday, the high-end hotel chain owned by the billionaire Republican presidential hopeful and real estate developer Donald Trump said that between May 19, 2014, and June 2, 2015, it believes there “may have been unauthorized malware access to some of the computers that host our front desk terminals and payment card terminals in our restaurants, gift shops and other point-of-sale purchase locations.”

Related Videos

Stolen data could include payment card information such as account numbers, expiration dates, and security codes. In some instances, the cardholders’ full names may also be among the captured data.

Trump hotels caught up in the hack include those in the cities of Chicago, Honolulu, Las Vegas, Toronto, and Miami, with two premises in New York City hit.

An initial investigation has so far found no evidence of customer data being misused, the chain said, though as a precautionary measure it’s offering affected customers 12 months of free identity-theft protection. In addition, it warned those who’ve engaged with the hotel’s payment systems during the specified time period to check their credit and debit card account statements for signs of suspicious activity.

This isn’t the first case of a high-end hotel chain being hit by hackers, and very likely won’t be the last. Earlier this year, luxury hotel outfit Mandarin Oriental was caught up in a similar kind of security breach that also involved compromised payment terminals.

Such point-of-sale systems have proved rich pickings for cybercriminals over the last 18 months or so. Remember the six-month Home Depot hack? Target, too, was hit in a high-profile incident at the end of 2013.

In many cases, the stolen data ends up being sold on illicit hacking forums, with buyers using it to purchase goods online or withdraw money from bank accounts.

Editors' Recommendations

Online payment fraud has doubled over the past seven years
A person holding a ThinkPad Nano X1 Gen 2 laptop in front of a window.

Online payment fraud increased 137% over the past seven years according to research conducted by SEON, a UK-based fraud prevention service.

SEON based its research on data from the Identity Threat Research Center and used it to identify data compromises that came from online payments.

Read more
Elon Musk’s Starlink satellites hacked by $25 homemade device
A Starlink dish next to an RV.

A $25 hacking tool that can seemingly breach Starlink’s internet terminals has been revealed by a security researcher.

As reported by Wired and Gizmodo, Lennert Wouters, who works at Belgian university KU Leuven, showcased how to infiltrate the satellite dishes at the Black Hat Security Conference.

Read more
Selling something online? Watch out for this clever new scam
An individual holding a phone and card.

A credit/debit card stealing scheme that was initially discovered in 2020 has now been detected in Singapore.

As reported by Bleeping Computer, threat analysts at cybersecurity company Group-IB link it to "Classicscam," a global operation that has targeted individuals in Europe, Russia, and the U.S.

Read more