Trump Hotels Hacked: Customer Addresses, Credit Card Numbers Stolen

A number of Trump Hotels were hit by hackers who stole credit card numbers and other sensitive information from guests staying at the properties.

The incident—just the latest to hit the hotels that bare the last name of the President of the United States—occurred thanks to a breach of Sabre Hospitality Solutions, a third-party reservation booking system used by Trump Hotels and a number of other major accommodations providers.

Read: Holiday Inn, InterContinental Hotel Customers Had Credit Card Information Stolen

Visitors who stayed at 14 Trump properties between the dates of Aug. 10, 2016 and March 9, 2017, may have fallen victim to the hack. Included in the breach is cardholder name, payment card number, card expiration date and the card security code. In some cases, guest names, email addresses, phone numbers, home addresses and other information may have been compromised.

Trump Hotels assured its customers that Social Security numbers, passports, and driver’s license numbers were not accessed.

Locations affected by the breach include the Trump properties in Central Park; Chicago; Doonbeg; Doral; Las Vegas; Panama; Soho; Toronto; Turnberry; Vancouver; Waikiki; Washington, D.C.; Rio De Janeiro; and the Albemarle Estate in Charlottesville, Virginia.

Trump Hotels issued a statement to notify customers its own systems were not compromised by the hack. Instead, the stolen data was the result of the Sabre Hospitality Solutions breach. “Privacy and protection of our guests’ information is a matter we take very seriously,” Trump Hotels said in a statement.

Read: Hilton Hotels Confirms Credit Card Breach, Chain Mum On Impacted Locations

Reports of the breach of systems belonging to reservations systems provider Sabre first began circulating in May. Trump Hotels was notified that its customers were affected by the incident at the start of June. The Trump company waited at least a week before passing along word of the breach to its customers.

Sabre provides its SynXis Central Reservation system to over 36,000 properties around the world. Four Seasons Hotels and Resorts, Hard Rock Hotels and Casinos, Loews Hotels and Carlson Wagonlit Travel were also affected by the breach.

While this incident may fall primarily on the company behind the reservations systems, Trump Hotel guests are not new to data breaches.

Trump Hotels experienced a breach of its own systems in May 2014 that resulted in the payment card information and other personal details of more than 70,000 customers being exposed. The hotel chain learned of the breach in June 2015 but waited an additional four months to notify those affected.

An additional breach of five Trump properties took place in November 2015. Another attack followed in March 2016, where a hacker breached a legacy payment system used by the hotel chain and stole personal information of Trump Hotel property owners. The breach included names and Social Security numbers of more than 300 people.

The Sabre incident isn’t the first hack involving hotels to take place this year. In April, InterContinental Hotels Group (IHG) acknowledged it was hacked, resulting in to stolen customer credit card information. The attack hit more than 1,000 IHG properties including brands like Holiday Inn, Holiday Inn Express, InterContinental, Staybridge Suites, Kimpton Hotels and Crowne Plaza.