The Trump Hotel Collection reached a settlement with the New York attorney general to pay $50,000 and shore up data security after breaches exposed more than 70,000 credit card numbers and other personal data. The chain is one of many hotels and retailers that have been hit recently by malware that skimmed payment card information.
The attorney general’s office said that in May 2015 multiple banks analyzed hundreds of fraudulent credit card transactions and determined the hotel group was the last merchant with legitimate transactions.
The key charges apparently against Trump Hotel Collection are that it didn’t have adequate protection and even after the attacks became known, did not quickly inform the people affected, in breach of New York law.
“It is vital in this digital age that companies take all precautions to ensure that consumer information is protected, and that if a data breach occurs, it is reported promptly to our office, in accordance with state law," Attorney General Eric T. Schneiderman of New York said in a statement.
Schneiderman said that banks tracing fraudulent card use last year determined that the cards had last been legally used at Trump hotels, indicating the security breach had happened there. Further investigation found malware at several Trump hotels and that an attacker in 2014 had gained unauthorized access to steal sensitive information.