Donald Trump's hotel business 'targeted by cyber terrorists'

Trump Hotel Collection, the hotel business belonging to US Presidential hopeful Donald Trump, has fallen victim to an attack on its credit card systems, the company has confirmed, blaming the attack on "cyber terrorists".

The hack first came to light when banking sources told security researcher Brian Krebs they had noticed "a pattern of fraud on customer credit cards that suggests hackers have breached credit card systems at some - if not all - of the Trump Hotel Collection properties".

Also known as Trump Hotels, the business owns several luxury hotels located primarily in the US, but also Canada, Brazil and the UK.

In a statement to IT Pro, Eric Trump, Donald Trump's son and one of the co-managers of Trump Hotels, said: "Like virtually every other company these days, we are routinely targeted by cyber terrorists whose only focus is to inflict harm on great American businesses. We are in the midst of a thorough investigation on this matter and are working with the US Secret Service and the FBI to help catch these criminals and prosecute [them] to the full extent of the law."

"We are committed to safeguarding all guests' personal information and will continue to do so vigilantly," he added.

The organisation was the subject of a credit card system breach last July, which was discovered after several banks traced back strings of fraudulent transactions to stays at Trump Hotel properties, pointing to it as the root of the breach.

But this is also the latest case in a long list of international hotel firms being targeted by criminals for the credit card information they hold.

Tod Beardsley, security research manager at security firm Rapid7, described the news as "eerily familiar".

"While it's possible that the real story behind the breach could be anything from a disgruntled insider, to a breach of the core IT systems used in Trump properties, or some unique method of obtaining credit card data from Trump customers, [it] sounds like many of the point-of-sale (POS) compromises that have recently hit major hotel and hospitality companies over the last 18 months," he said.

"I would be surprised if the techniques used by the attackers in this case were substantively different from those used against Starwood, Hyatt, and Hilton. We've seen that in the hotel industry, the POS systems are generally the weakest link in the IT chain, and technically savvy criminal organisations have clearly figured this out," he added.

Trump Hotels has told Krebs it is looking into these latest reports. IT Pro also approached the company for a response to the apparent breach, but had not received a reply at the time of publication.

Main image credit: Tony Webster on Flickr

This article was originally published on 05/04/2016 and has since been updated with additional information, most recently on 06/04/2016.

Jane McCallion
Deputy Editor

Jane McCallion is ITPro's deputy editor, specializing in cloud computing, cyber security, data centers and enterprise IT infrastructure. Before becoming Deputy Editor, she held the role of Features Editor, managing a pool of freelance and internal writers, while continuing to specialise in enterprise IT infrastructure, and business strategy.

Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.