For the third time in the past three years, hotel guests at 14 Trump properties including Washington, New York and Vancouver, had their personal credit card info exposed to hackers.
The most recent breaches began in August 2016 and ended in March 2017, according to a notice posted on the Trump Hotels website.
The hacked information included the names of guests, their addresses and phone numbers, and credit card numbers and expiration dates.
The Trump Hotels systems weren’t hacked, according to Trump International Hotels Management LLC.
Rather, a months-long data breach affecting Sabre, a third-party travel booking service provider, was blamed.
From Reuters:
The compromised information included payment card numbers and card security codes for some of the hotel chain’s reservations processed through service provider Sabre Corp’s central reservation system, according to a notice on the Trump Hotels’ website.
The breach is part of a cyber attack on Sabre’s systems disclosed in May. Sabre’s reservation systems are used by nearly 32,000 properties worldwide.
Sabre informed Trump Hotels about the current breach at its properties including Trump Las Vegas and Trump Chicago on June 5, according to the notice.
The breach did not affect Trump Hotels’ own systems, according to the notice. This was the third involving the hotel chain since May 2015.
The company, formerly led by U.S. President Donald Trump, agreed to pay $50,000 last year in a settlement over data breaches that exposed 70,000 credit card numbers and other personal information.
Sabre’s investigation found that the unauthorized party first accessed reservation information on Aug. 10, 2016. The last unauthorized access was on March 9.
“The privacy and protection of our guests’ information is a matter we take very seriously,” read the Trump Hotels notice. They say they were notified of the breach on June 5.
[PDF Link]