Trump Hotels disclosed a data breach affecting it’s properties Wednesday.
The following is an update from Trump Hotels:
To Our Valued Guests: We recently learned of an incident involving unauthorized access to guest information associated with certain hotel reservations. This incident occurred on the systems of Sabre Hospitality Solutions (Sabre), a service provider used by Trump Hotels. It did not affect Trump Hotels’ systems. The privacy and protection of our guests’ information is a matter we take very seriously, and we recommend that affected guests review the information in this letter for some steps they can take to protect themselves against potential misuse of their information.
The Sabre SynXis Central Reservations system (CRS) facilitates the booking of hotel reservations made by consumers through hotels, online travel agencies, and similar booking services. Following an investigation, Sabre notified us on June 5, 2017 that an unauthorized party gained access to account credentials that permitted access to payment card data and certain reservation information for some of our hotel reservations processed through Sabre’s CRS. The investigation found that the unauthorized party first obtained access to Trump Hotels-related payment card and other reservation information on August 10, 2016. The last access to this information was on March 9, 2017.
What Information Was Involved?
The unauthorized party was able to access payment card information for some hotel reservations at certain properties listed here, including cardholder name, payment card number, card expiration date, and potentially card security code. In some cases, the unauthorized party also was able to access guest name, email, phone number, address, and other information. Information such as Social Security, passport, and driver’s license number was not accessed.
What We Are Doing
We are working with Sabre to address this issue. We understand that Sabre engaged a leading cybersecurity firm to support its investigation. Sabre indicated that they also notified law enforcement and the payment card brands about this incident.
What You Can Do
We recommend that affected individuals remain vigilant for incidents of fraud and identity theft by regularly reviewing account statements and monitoring free credit reports for any unauthorized activity. If there is any suspicious or unusual activity, affected individuals should report it immediately to their financial institutions, as the major credit card companies have rules that restrict them from requiring payment for fraudulent charges that are reported timely.