back to article Trump Hotels left orange faced: Hackers plunder systems for credit cards

Trump Hotels has become the latest accommodation group to put its hands up as a user of the compromised Sabre SynXis Central Reservations system. SynXis offers hotel-bookings-as-a-service to tourism operators and has contacted users to let them know that unauthorised parties had accessed its systems. Trump Hotels' letter [PDF …

  1. bombastic bob Silver badge
    Happy

    So it's SynXis and not Trump Hotels that was cracked?

    but yeah you had me hooked with the article's title. well done!

    (Apparently other hotels affected as well)

    1. Mark 85 Silver badge

      Re: So it's SynXis and not Trump Hotels that was cracked?

      Yeah, click but on the bright side: if it had been his hotel chain, Twatter would be realing from all his posts about who didn't do it and what will happen with the government catches them... ad nauseam ad infinitum.

      1. Charlie Clark Silver badge

        Re: So it's SynXis and not Trump Hotels that was cracked?

        but on the bright side

        What? You mean you don't think he's going to do that anyway? He always reacts to anything that he feels like criticism of him or his brand in the same way. So we can expect more bluster about how great the hotels are, etc.

        Emoluments…

  2. veti Silver badge

    "Card security code"?

    I thought that was never supposed to be stored in the first place, isn't that the whole point?

    1. tfewster Silver badge
      Facepalm

      Re: "Card security code"?

      Yep, if Sabre themselves take payments from cards, I guess they just lost that privilege. If they're just a booking service and the hotel takes the payment from the card details forwarded from SynXis - dunno how PCI sanctions would work there (but also not clear how that could work if the hotel/bank interface used additional authentication, e.g. Verified By Visa)

      1. DougS Silver badge

        Re: "Card security code"?

        If Trump Hotels is to blame for saving the security code, I imagine PCI will find an excuse not to sanction them that wouldn't have been an obstacle to doing so two years ago.

  3. Steve Walker

    Similar to the the AA breach as well then, they'd (or their payment provider) stored the CSC number as well as the other card data.

    Seems (some) organisations seem to be able to just ignore that particular PCI-DSS requirement.

    Must be a tick box then we're missing :-)

  4. sitta_europea

    [quote]Trump Hotels advises guests to “remain vigilant for incidents of fraud and identity theft by regularly reviewing account statements and monitoring free credit reports for any unauthorized activity.” [/quote]

    As opposed to "provides free credit reports" or anything expensive like that?

  5. Banksy
    Coat

    Russians?

    I wonder if there were any Russian customers?

  6. JCitizen
    Windows

    I was wondering how long...

    it would take before a Trump hotel of related service was hacked. With almost every chain out there getting it long ago, I'm really surprised it took this long. Now maybe Trump will finally realize just how pervasive the problem is, and quit denying it like it will go away, if you just ignore it.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019