Trump International Hotels Management confirmed it was the victim of another data breach, the third involving the hotel chain since May 2015, according to a Fortune report. Trump Central Park, Trump Chicago, Trump Las Vegas and Trump D.C. were among the 14 properties impacted by the breach.
The breach was part of a cyberattack on Sabre Hospitality Solutions, the reservation system used by Trump Hotels, and not Trump Hotels’ own IT system. The Sabre breach was originally announced in May and occurred between August 2016 and March 2017.
Information breached included payment card numbers and card security codes, Trump International Hotels revealed.
Hotels are an easy target for hackers because they tend to lack advanced security measures and hold huge amounts of personal data and credit card information. Trump hotels are even more attractive targets given the name recognition.
Last year, Trump International Hotels Management LLC agreed to pay New York state $50,000 over data breaches that occurred in May 2015 and reportedly exposed 70,000 credit card numbers and other personal information. Trump Hotels then broke New York law by not letting its customers know about the breach as soon as possible, instead waiting four months to provide notice, according to the report. The settlement required Trump Hotels to improve its data security policies.
The hospitality industry has been hit hard by cyberattacks in recent months. In November, Starwood Hotels & Resorts Worldwide reported that payment systems at 54 of its hotels in North America had been infected with malware.