Trump Hotels said a data breach at a service provider compromised card payment details at 14 of its properties. The compromised information included payment card numbers and card security codes for some of the hotel chain's reservations processed through service provider Sabre's central reservation system.
The Sabre SynXis Central Reservations system (CRS) facilitates the booking of hotel reservations made by consumers through hotels, online travel agencies, and similar booking services. Following an investigation, Sabre informed Trump Hotels about the current breach at its properties including Trump Las Vegas and Trump Chicago on June 5.
The investigation found that the unauthorized party first obtained access to Trump Hotels-related payment card and other reservation information on August 10, 2016. The last access to this information was on March 9, 2017.
The company, formerly led by U.S. President Donald Trump, agreed to pay $50,000 last year in a settlement over data breaches that exposed 70,000 credit card numbers and other personal information.
The unauthorized party was able to access payment card information for some hotel reservations at certain properties listed here, including cardholder name, payment card number, card expiration date, and potentially card security code. In some cases, the unauthorized party also was able to access guest name, email, phone number, address, and other information. Information such as Social Security, passport, and driver’s license number was not accessed.
What You Can Do
Trump Hotels recommends that affected individuals remain vigilant for incidents of fraud and identity theft by regularly reviewing account statements and monitoring free credit reports for any unauthorized activity. If there is any suspicious or unusual activity, affected individuals should report it immediately to their financial institutions, as the major credit card companies have rules that restrict them from requiring payment for fraudulent charges that are reported timely.
In addition, affected individuals may contact the Federal Trade Commission (FTC) or law enforcement authorities, such as their state attorney general, to report incidents of identity theft or to learn about steps to take to protect against identity theft.
The FTC can be contacted at:
Federal Trade Commission
2 600 Pennsylvania Avenue, NW Washington, DC 20580 (877) IDTHEFT (438-4338) https://www.identitytheft.gov/
If affected individuals find that their information has been misused, the FTC encourages filing a complaint with the FTC and taking these additional steps: (1) close the accounts that are confirmed or believed to have been tampered with or opened fraudulently, and (2) file and keep a copy of a local police report as evidence of the identity theft crime.