In amongst the hype surrounding Donald Trump, the news of Trump Hotels being possibly breached for the second time in a year may add further fuel to the political discussions.
From a cybersecurity perspective, this is no hyped up piece of news. The hospitality sector remains one of the most heavily targeted within the payment card industry, with most well-known hotel brands having had a significant breach of customer and payment data in recent times.
Based on our DFIR (Digital Forensics and Incident Response) team's experience, most breaches within the hospitality sector involve memory scraping payment-card-harvesting malware. And most of the time they evade detection by the major anti-malware/anti-virus solutions.
Having effective security monitoring in place is essential, and having the backing of a world-class DFIR team to spring into action when suspect activity is detected is critical to shutting down a breach before confidential client data is stolen.
Krebs on Security reported that the hotel properties may be “dealing with another breach of its credit card systems,” citing banking industry sources. This, the site said, would be the second breach in less than a year. As was reported last summer, a series of banks suspected a breach occurred at a number of Trump properties; it was later confirmed in Oct. 2015 to have been a breach that utilized malware.