Cyber Incident Victim: The Trump Hotel Collection
Date:
Apr 2016
Location:
United States of America
Summary
The Trump Hotel Collection faced a suspected credit card system breach, potentially its second incident within a year, following a prior confirmed malware infection that compromised payment systems. Financial sector sources identified fraud patterns linked to cards used at multiple properties, prompting an internal investigation by the organization. The hospitality industry has experienced widespread card breaches, often targeting restaurant and gift shop systems within hotels. While the company emphasized its commitment to protecting guest data, the incident highlighted ongoing vulnerabilities in the sector.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In April 2016, banking industry sources reported to KrebsOnSecurity that the Trump Hotel Collection was likely experiencing another credit card system breach, marking the second such incident within a year. Financial institutions identified a pattern of fraudulent activity on customer cards that had been used at multiple Trump Hotel properties globally, including locations in New York City, Honolulu, and Toronto, within the preceding two to three months. This followed a prior breach first reported in July 2015, when banks initially detected suspicious activity tied to Trump Hotels. After KrebsOnSecurity’s initial 2015 report, the Trump Hotel Collection acknowledged being alerted to unusual account activity but did not confirm malware-infected payment systems until October 2015. The 2016 incident mirrored the earlier breach, with sources indicating card data theft across several properties managed by the luxury hotel group. The Trump organization stated it was conducting a thorough investigation into the renewed claims but did not immediately confirm the breach. No specific details about the attack vector or malware type were disclosed publicly for either incident.
The hospitality sector faced widespread card breaches during this period, with major chains like Hilton, Hyatt, and Starwood experiencing similar compromises, often targeting point-of-sale systems in restaurants and gift shops. White Lodging, another hotel franchisor, confirmed its second breach in a year in April 2014. The Trump Hotel Collection’s response to both breaches emphasized its commitment to safeguarding guest information, though it delayed full confirmation of the 2015 breach for three months after initial reports. Financial institutions bore the brunt of identifying fraud patterns linking compromised cards to Trump properties, as the hotel group relied on external alerts to initiate investigations. The scope of both breaches remained unclear, with no public disclosure of the number of affected customers or cards. The company’s investigation into the 2016 incident was ongoing at the time of reporting, with no further resolution details provided.