comscore Trump hotels settle with attorney general over data breach | Honolulu Star-Advertiser
Business Breaking | Top News

Trump hotels settle with attorney general over data breach

  • STAR-ADVERTISER / JAN. 14, 2005

    A credit card is swiped at the Trump International Hotel in Waikiki.

ALBANY, N.Y. >. The Trump Hotel Collection company has agreed to pay $50,000 and shore up data security after breaches exposed more than 70,000 credit card numbers and other personal data from hotels in Honolulu and other cities, the New York attorney general said in announcing a settlement.

In May 2015, multiple banks analyzed hundreds of fraudulent credit card transactions and determined the hotel group, one of Republican presidential nominee Donald Trump’s businesses, was the last merchant with legitimate transactions, according to the attorney general’s office.

Authorities said the company knew by June 2015 that hotels in New York City, Miami, Chicago, Honolulu, Las Vegas and Toronto had been compromised but didn’t notify customers for four months, a violation of New York business law requiring prompt notification. They said a hacker infiltrated the hotel group’s payment processing system in May 2014.

“It is vital in this digital age that companies take all precautions to ensure that consumer information is protected and that, if a data breach occurs, it is reported promptly to our office, in accordance with state law,” said Attorney General Eric Schneiderman, a Democrat.

Safeguarding customer data is a top priority, a Trump Hotels Collection spokeswoman said.

“Unfortunately, cyber criminals seeking consumer data have recently infiltrated the systems of many organizations, including almost every major hotel company,” she said.

According to the attorney general’s office, the company last March received additional reports of a second security breach, an investigation showing a hacker got unauthorized access last November and installed credit card harvesting malware on 39 systems affecting five hotels, including Trump SoHo New York.

In April, the company added recommended precautions including authentication for remote access that requires username, password and then another piece of information only the user should know, such as a random number from a token.

Comment (1)

By participating in online discussions you acknowledge that you have agreed to the Terms of Service. An insightful discussion of ideas and viewpoints is encouraged, but comments must be civil and in good taste, with no personal attacks. If your comments are inappropriate, you may be banned from posting. Report comments if you believe they do not follow our guidelines.

Having trouble with comments? Learn more here.

Leave a Reply

  • Trump security knew back in 2014, that breaches where made and only now, their spoke person comes clean about how cyber thieves are breaking into everything?!
    On top of that, the AG slapes Trump for a measly $50 grand??, a slap on the wrist.

Click here to see our full coverage of the coronavirus outbreak. Submit your coronavirus news tip.

Be the first to know
Get web push notifications from Star-Advertiser when the next breaking story happens — it's FREE! You just need a supported web browser.
Subscribe for this feature

Scroll Up