As Donald Trump continues to pursue the Republican nomination for U.S. President, his hotel chain is facing a class-action lawsuit filed by a Belleville attorney who alleges the payment system was hacked.
John Hipskind filed the lawsuit on behalf of Belleville lawyer John Driscoll in federal court in East St. Louis on Friday.
The suit alleges that unauthorized malware had access to payment card information as it was inputted into payment card systems at the hotels. These hotels include Trump SoHo New York, Trump National Doral in Miami, Trump International Hotel and Tower in Las Vegas, Trump International Chicago, Trump International New York, Trump International Waikiki and Trump International Toronto. According to the suit, Driscoll stayed numerous times at Trump SoHo New York and Trump International Chicago.
Recent data breaches at Home Depot, Target, Neiman Marcus, Michaels, Sally Beauty, and eBay all underscore the fact that criminals can rather easily leverage existing security weaknesses in corporate networks to gain access to sensitive data and critical (point of sale) systems without being detected.
Belleville lawyer John Hipskind wrote in the suit against the Trump Hotel Collection
Hipskind declined to comment.
The breach occurred between May 18, 2014, and June 2. The public notice of the breach was made on Sept. 29. Hipskind stated in the suit that the Trump Corporation took months to notify those who may be impacted, depriving them of the opportunity to take effective remedial action to reduce the the short- and long-term risk of fraudulent activity. Due to the breach, Hipskind said Driscoll and others must spend time monitoring their financial accounts and payment card accounts.
The Trump Hotel Collection employed an independent forensic examiner to conduct an investigation, according to a statement on their website. The investigation has not conclusively determined that any particular payment card information was taken or misused, according the statement.
“While the independent forensic investigator did not find evidence that information was taken from the hotel’s system, it appears that there may have been unauthorized malware access to payment card information as it was inputted into the payment card systems,” the statement read. “Payment card data (including payment card account number, card expiration date and security code) of individuals who used a payment card at the hotel between May 19, 2014 and June 2, 2015 may have been affected. For transaction on the point-of-sale terminals at Las Vegas and Waikiki properties, cardholder name may also have been affected.”
Hipskind stated in his suit that the Trump Hotel Collection should have known the threat and been prepared to deal with it.
“Recent data breaches at Home Depot, Target, Neiman Marcus, Michaels, Sally Beauty, and eBay all underscore the fact that criminals can rather easily leverage existing security weaknesses in corporate networks to gain access to sensitive data and critical (point of sale) systems without being detected,” Hipskind wrote. “As a result, not making changes to account for this given the ongoing tsunami of headlines about such breaches is equivalent to pure negligence in the view of some experts.”
U.S. District Judge Nancy Rosenstengel will hear the case.