Trump Hotels notifies some guests of payment card breach that began in 2016

Trump Hotels is sending out data breach notification letters to hotel guests after a service provider notified them of a breach that began in August 2016 but was only detected this year.

In their letter, they explain:

We are writing to you because of an incident involving unauthorized access to guest information associated with your hotel reservation. This incident occurred on the systems of Sabre Hospitality Solutions (Sabre), a service provider used by Trump Hotels. It did not affect Trump Hotels’ systems. The privacy and protection of our guests’ information is a matter we take very seriously, and we recommend that you review the information in this letter for some steps you can take to protect yourself against potential misuse of your information.

What Happened?

The Sabre SynXis Central Reservations system (CRS) facilitates the booking of hotel reservations made by consumers through hotels, online travel agencies, and similar booking services. Following an investigation, Sabre notified us on June 5, 2017 that an unauthorized party gained access to account credentials that permitted access to payment card data and certain reservation information for some of our hotel reservations processed through Sabre’s CRS.

The investigation found that the unauthorized party first obtained access to Trump Hotels-related payment card and other reservation information on August 10, 2016. The last access to this information was on March 9, 2017.

Read more of their notification template here (pdf).

About the author: Dissent