Donald Trump’s hotel chain fined over data breaches

Donald Trump’s hotel chain, Trump Hotel Collection, has agreed to pay $50,000 (£39,000) and strengthen its security measures after multiple data breaches.

The settlement, announced by New York Attorney General Eric Schneiderman on Friday, comes after data breaches at the chain exposed more than 70,000 credit card numbers and other personal information.

A preliminary investigation found that a malware program targeting credit cards existed at multiple locations across the hotel chain, including computer networks associated with hotels in New York, Las Vegas and Chicago.

Further investigations revealed that an attacker infiltrated the company’s payment processing system by accessing an administrative account using legitimate credentials and then deployed the malware.

The Republican presidential candidate’s chain knew as early as June 2015 about the malware but did not tell its customers until four months later, the attorney general said, which is a violation of New York law.

A second breach occurred in November 2015, when an attacker installed malware on 39 systems affecting five of the company’s properties.

A spokesperson for the company, told the New York Times: “Unfortunately, cybercriminals seeking consumer data have recently infiltrated the systems of many organisations including almost every major hotel company.

“Safeguarding our customers’ data is a top priority for the company, and we will continue taking actions to do so.”

Schneiderman added: “It is vital in this digital age that companies take all precautions to ensure that consumer information is protected, and that if a data breach occurs, it is reported promptly to our office, in accordance with state law.”

The company, which owns 15 properties worldwide, reopened the Trump Turnberry hotel on the South Ayrshire coast in Scotland earlier this year following a £200m restoration.