Donald Trump's hotel business 'targeted by cyber terrorists'
Credit card systems at Trump Hotels hacked for second time in a year
Trump Hotel Collection, the hotel business belonging to US Presidential hopeful Donald Trump, has fallen victim to an attack on its credit card systems, the company has confirmed, blaming the attack on "cyber terrorists".
The hack first came to light when banking sources told security researcher Brian Krebs they had noticed "a pattern of fraud on customer credit cards that suggests hackers have breached credit card systems at some - if not all - of the Trump Hotel Collection properties".
Also known as Trump Hotels, the business owns several luxury hotels located primarily in the US, but also Canada, Brazil and the UK.
In a statement to IT Pro, Eric Trump, Donald Trump's son and one of the co-managers of Trump Hotels, said: "Like virtually every other company these days, we are routinely targeted by cyber terrorists whose only focus is to inflict harm on great American businesses. We are in the midst of a thorough investigation on this matter and are working with the US Secret Service and the FBI to help catch these criminals and prosecute [them] to the full extent of the law."
"We are committed to safeguarding all guests' personal information and will continue to do so vigilantly," he added.
The organisation was the subject of a credit card system breach last July, which was discovered after several banks traced back strings of fraudulent transactions to stays at Trump Hotel properties, pointing to it as the root of the breach.
But this is also the latest case in a long list of international hotel firms being targeted by criminals for the credit card information they hold.
Tod Beardsley, security research manager at security firm Rapid7, described the news as "eerily familiar".
"While it's possible that the real story behind the breach could be anything from a disgruntled insider, to a breach of the core IT systems used in Trump properties, or some unique method of obtaining credit card data from Trump customers, [it] sounds like many of the point-of-sale (POS) compromises that have recently hit major hotel and hospitality companies over the last 18 months," he said.
"I would be surprised if the techniques used by the attackers in this case were substantively different from those used against Starwood, Hyatt, and Hilton. We've seen that in the hotel industry, the POS systems are generally the weakest link in the IT chain, and technically savvy criminal organisations have clearly figured this out," he added.
Trump Hotels has told Krebs it is looking into these latest reports. IT Pro also approached the company for a response to the apparent breach, but had not received a reply at the time of publication.
Main image credit: Tony Webster on Flickr
This article was originally published on 05/04/2016 and has since been updated with additional information, most recently on 06/04/2016.
Application security fallacies and realities
Web application attacks are the most common vulnerability, so what is the truth about application security?Download now
Your first step researching Managed File Transfer
Advice and expertise on researching the right MFT solution for your businessDownload now
The KPIs you should be measuring
How MSPs can measure performance and evaluate their relationships with clientsDownload now
Life in the digital workspace
A guide to technology and the changing concept of workspaceDownload now