Cyber Incident Victim: The Trump Hotel Collection
Date:
May 2014
Location:
United States of America
Summary
A cybersecurity breach at Trump Hotel Collection involved malware infiltrating payment systems across multiple properties in the U.S. and Canada, potentially compromising customer credit card details including numbers, expiration dates, and security codes over an extended period. The malicious software captured payment information during transactions, though forensic analysis could not confirm specific data exfiltration. The company acknowledged the incident and offered affected customers identity fraud protection services. This event reflects broader trends of payment system targeting in the hospitality and retail sectors, with prominent brands frequently subjected to such attacks due to their high-profile status.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In September 2015, Trump Hotel Collection publicly disclosed a cybersecurity incident involving malware infections across its properties in the United States and Canada. The breach impacted payment systems at hotels in New York (two locations), Chicago, Honolulu, Las Vegas, Toronto, and Miami between May 19, 2014, and June 2, 2015. Attackers deployed specialized malware designed to capture payment card data during transactions, including card numbers, expiration dates, and security codes. The malicious software operated covertly within the hotel chain's computer networks for over a year, intercepting information as customers and employees entered payment details. Forensic analysis confirmed the malware's ability to exfiltrate sensitive data, though investigators could not definitively establish whether specific customer information had been successfully extracted. The prolonged duration of undetected access suggested sophisticated evasion techniques by the threat actors.
Trump Hotel Collection initiated an independent forensic investigation upon discovering the breach and notified potentially affected customers through its website. The company offered one year of complimentary identity fraud protection services to individuals who visited impacted properties during the exposure window. While acknowledging the malware's capability to compromise payment data, the organization emphasized that no conclusive evidence confirmed actual theft of specific customer records. This incident occurred amid a wave of similar point-of-sale system compromises affecting major retailers including Target, Home Depot, and Neiman Marcus between 2013-2015. Security experts noted the targeting pattern reflected broader criminal trends focusing on high-profile hospitality and retail brands with extensive customer transaction volumes. The hotel chain's public statement highlighted the persistent threat landscape facing corporate networks while outlining remedial actions taken to address the breach.