
Donald Trump’s hotel chain breached again, credit card data possibly stolen in POS cyber attack

Donald Trump’s hotel chain has been hit with a breach of its credit card systems, the second in less than a year, sources from the banking industry say.

A pattern of fraud on customer credit cards suggests that hackers have breached credit card systems at some Trump Hotel Collection properties.

According to the report in KrebsOnSecurity, it may have affected the properties in New York, Honolulu and Toronto.

A written statement from Trump Hotel Collection on the blog said: "We are in the midst of a thorough investigation on this matter. We are committed to safeguarding all guests’ personal information and will continue to do so vigilantly."


The company was previously targeted in 2015; it confirmed that the payment systems had been infected with card-stealing malware in October.

Chris Webber, Security Strategist at Centrify, said that Trump was likely to be a target for both politically and financially motivated hackers, citing a recent video from hacking group Anonymous in which they shared Trump’s personal information.

However, Webber said that it was more likely that this particular attack was just another in a long string of credit card breaches resulting from stolen credentials.

Tod Beardsley, Security Research Manager at Rapid7, said that the attack could have come from a number of sources, including disgruntled insiders or a breach, but that it sounds more like a point-of-sale compromise in the pattern of recent attacks on hotel chains.

These include Hilton, Hyatt and Starwood hotels.

"We’ve seen that in the hotel industry, the POS systems are generally the weakest link in the IT chain, and technically savvy criminal organisations have clearly figured this out," said Beardsley.

"Retail companies, hotel chains, and restaurants should examine their own POS installations for common misconfigurations and exposures, such as default and easily guessed passwords, outdated software, and poor network segmentation."

This article is from the CBROnline archive: some formatting and images may not be present.