While Donald Trump himself is busy racking up broken business deals after making disparaging remarks about Latino immigrants, the Republican presidential candidate’s Trump Hotel Collection appears to be the latest victim of a credit card breach.
Independent researcher Brian Krebs said that data from several US-based banks shows a pattern of fraudulent debit and credit card charges at several property locations—including Chicago, Honolulu, Las Vegas, Los Angeles, Miami and New York. The card breach appears to extend back to at least February 2015, and is likely the result of magnetic stripe data collection. This is data that can be encoded onto new counterfeit cards.
Changes are afoot though, which may finally stem the recent, raging tide of card breaches. In October 2015, merchants that have not yet installed card readers which accept more secure chip-based cards will assume responsibility for fraud.
“It is likely that the huge number of card breaches at US-based organizations over the past year represents a response by fraudsters to upcoming changes in the United States designed to make credit and debit cards more difficult and expensive to counterfeit,” Krebs said in a posting. “Non-chip cards store cardholder data on a magnetic stripe, which can be trivially copied and re-encoded onto virtually anything else with a magnetic stripe.”
He added, “Cyber-thieves no doubt well understand they won’t have this enormously profitable cash cow around much longer, and they’re busy milking it for all it’s worth.”
Consumers should be especially aware given that the summer vacation season has kicked off. “School’s out and countless families are preparing to visit entertainment attractions and resort hotels,” said Kevin Watson, CEO of Netsurion, in an email. “We’ve seen plenty of evidence that no business is immune from cyber-criminals, and those that process payment data or offer free Wi-Fi are especially lucrative targets.”
Hospitality businesses can take the necessary steps to protect customer data and ensure that stronger security measures are in place for their network, payment systems and on-premise Wi-Fi services, including implementing a robust and adaptable firewall; implementing two-factor authentication, installing all software patches and using updated anti-malware software.