Trump Hotel Collection agreed to a settlement with New York Attorney General Eric Schneiderman’s office over a data breach that exposed more than 70,000 credit-card numbers, the AG’s office said Friday.
The breaches affected New York hotels such as Trump Soho at 246 Spring Street and Trump International Hotel & Tower at 1 Central Park West. Banks flagged Trump Hotel Collection as being a likely victim of data breaches in May 2015, according to the AG.
There were further attacks: In November 2015, Trump Soho and four other properties were hit by malware. In March of this year, an attacker hacked a payment system for the Trump International Hotel & Tower that included confidential information of more than 300 property owners, according to Bloomberg. Trump National Doral in Miami was also affected by a breach, according to the AG.
Trump Hotel Collection knew as far back as June 2015 that it had been affected by the breaches, but didn’t tell its customers for four months, according to the AG, who called the lack of disclosure a violation of state law.
“Unfortunately, cyber criminals seeking consumer data have recently infiltrated the systems of many organizations, including almost every major hotel company,” a Trump Hotel spokesperson told ABC.
The settlement includes a $50,000 fine for the company, which is also required to bolster its security systems.
“Consumers personal information are all too often exposed to wrong-doers with ill-intent,” the AG said in a statement. “We will continue working to help protect hard-working New Yorkers from all forms of identity theft.”
Trump Hotel Collection is headed by Donald Trump and his three children, according to Bloomberg.