Hackers Blow Trump Hotels Wide Open

There’s a very interesting discussion going on in the United States right now about whether President Donald Trump and his family have been in touch with Russian government agents presumably tied to Russian hackers.

Credit: Trump Hotels

(Image credit: Trump Hotels)

While the situation is murky, to say the least, we can say with confidence that Trump has run afoul of hackers in a much more quotidian way. The Trump Hotels line, controlled by the president and his family, has fallen victim to a widespread data breach, which may have compromised everything from guests' names to their full credit-card information.

The Trump Hotels organization issued a statement explaining that the hotels use a third-party reservation system known as Sabre SynXis. Sometime before March 31, hackers attacked Sabre SynXis' systems and cracked them wide open, exposing information pertaining to individuals and companies who had made reservations at fourteen Trump-branded hotels all around the world, as well as at other well-known hotel chains. Guests who stayed in the affected Trump properties between August 2016 and March 2017 are at risk of credit-card fraud.

MORE: What to Do After a Data Breach

While Sabre did not reveal exactly how hackers gained access to its information, it a malicious party may have gained login information and used that to steal guest records. The stolen records included guests’ full names and credit-card numbers, expiration dates and security codes, as well as email addresses, phone numbers and home addresses.

The Trump Hotels notification pointed out that Social Security numbers, passports and driver's licenses were "not accessed," so at least you won’t have to change your name and flee the country. Probably.

If you stayed at a Trump Hotel during the dates indicated, your best bet is to keep tabs on your credit-card bills and keep an eye out for suspicious activity. (Or just cancel them outright; most banks will replace credit cards at no cost if there are security concerns.) The Trump Hotels organization also recommends that users obtain a credit report, and report fraud if they see anything untoward.

Because Sabre SynXis handles reservations for a variety of other hotel chains, Trump's properties are not the only ones affected. Hard Rock Hotels last week admitted that its customers were also involved, and Loews Hotels has reportedly been sending its customers breach notifications. In late June, Google warned its own employees that their personal infromation might have been compromised after Google's corporate travel agent, Carlson Wagonlit Travel, revealed that it had been hit by the Sabre SynXis breach.

The Sabre breach was first reported by independent security reporter Brian Krebs back in May, after Sabre mentioned it in a quarterly filing with the Securities and Exchange Commission. Sabre has posted its own information pertaining to the breach, but has not named any client companies that may be involved.

The moral of the story, if there is one, isn't clear. After all, hotel guests can't do much to protect themselves from a data breach at an institutional level. Cheaper hotels might prove a less attractive target, but really, wherever there's a large group of people's names and credit-card information, opportunistic criminals won't be too far behind.

So there you have it: You can now say in good faith that Trump was hacked. It's not the kind of hack that will rock the United States to its core, but who knows: Maybe Russian cybercriminals were behind it after all.

Marshall Honorof is a senior editor for Tom's Guide, overseeing the site's coverage of gaming hardware and software. He comes from a science writing background, having studied paleomammalogy, biological anthropology, and the history of science and technology. After hours, you can find him practicing taekwondo or doing deep dives on classic sci-fi. 

  • Sethjj75
    Comeuppance is scrumptious.
  • Dib Siverack
    This borders on Fake News. Trump's hotel chain was one of many that were actually not hacked themselves but the 3rd party they and many other uses were hacked. In May! This is July. Where was this article in May??
  • Ah, the smell of some sweet, sweet karma.
  • Nei1
    > In May! This is July. Where was this article in May??

    In my limited experience, hacking incidences are not revealed to the press without a long delay. So I don't think this delay is part of the vast left-wing conspiracy to provide resources to the many instead of just to the 1%.

    I agree that the article did make Trump hotels look like an irresponsible center focus of the hack -- apparently for sensational value -- when it was a 3rd party that was irresponsible about protecting the data. The misinformation doesn't help anyone.

    On a tangent, you don't have to be the most experienced computer user to know: Keep the OS updated, Keep apps updated, Don't turn off your firewall, have some anti-malware running in the background and kept updated, be suspicious of all email attachments because if you think you know who sent it, it could still be phish.

    So, what's the problem with these big data centers that are holding our personal data? Don't they know what to do?
  • mb-technews
    Hey. Tom's Guide. What are you doing here? I'm not a Trump fan in the tiniest bit, but this story's headline and intro is really misleading. Sabre Systems was hacked -- which includes about 35000 hotels (including, but not limited to, 14 Trump hotels.) I don't follow news sites that distort facts just to get hits. You're on shaky ground with this story.
  • fablamberti
    Dear Mr Honorof,
    your article is a pathetic tentative to do politics. Your ignorance in the subject is clear. Sabre SynXis is a very well-known major player in the Hotel/Travel Industry. We got the email about the security breach 3 months ago!! Here it is the real news from a real journalist: https://krebsonsecurity.com/2017/05/breach-at-sabre-corp-s-hospitality-unit/
    Why do not you stick with real tech news? and grow-up! Cyber security is the N.1 treat right now. I have just had an IT security meeting with an ex-Secret Service agent and FBI agents. Russians major fraud players were arrested in Miami starting from 2012 till a few months ago. There are websites where you can buy any Credit Card of your choice for 10/15$. These are ours Credit Cards (we, the People of UNITED States!) It could be yours, it could be mine, it could be one of your relative / friends. Some of these hackers are in USA some are in Russia/Ukraine. One notorious Russian hacker was actually elected in the Russian parliament 1 year ago, that give you some prospective of how deep this crime goes!
    This is why Sabre was hacked, real fact. Nothing to do with Trump.
    Fact: Crime does not give a damn about Democrats or Republicans. One actual crime is your biased article. Fact: The President of United Stated is Donald Trump. Fact: half of the country is Democrat, the other half is Republican. Fact: you have been dishonest and you should be fired since you do not know how to present information in a democratic way. The "News" are acting like anarchy, and it is disgusting.