NEW YORK — Trump Hotel Collection agreed to pay $50,000 in fines and strengthen security measures after data breaches exposed more than 70,000 credit-card numbers and other personal information, New York Attorney General Eric Schneiderman said Friday.
Banks analyzing hundreds of fraudulent credit-card transactions in May 2015 tracked the last legitimate ones to Trump hotels, suggesting the chain was the target of a cyberattack, Schneiderman said in a statement. A preliminary probe revealed malware targeting credit cards existed at multiple locations, including the computer networks associated with hotels in Chicago, New York and Las Vegas.
Further investigation showed that an attacker infiltrated the chain’s payment system in May 2014 by accessing an administrative account using legitimate credentials, and then deployed the malware, Schneiderman said. The chain knew as early as June 2015 that malware had permeated multiple properties but didn’t tell its customers until four months later, which is a violation of New York law, the attorney general said.
Another breach occurred in November 2015 when an attacker installed malware on 39 systems affecting five properties.
Copy the Story LinkSend questions/comments to the editors.
Success. Please wait for the page to reload. If the page does not reload within 5 seconds, please refresh the page.
Enter your email and password to access comments.
Hi, to comment on stories you must . This profile is in addition to your subscription and website login.
Already have a commenting profile? .
Invalid username/password.
Please check your email to confirm and complete your registration.
Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.
Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.