Trump International Hotels Management has agreed to pay the State of New York $50,000 for two data breaches that exposed over 70,000 customer credit card numbers and other personal information, according to New York Attorney General Eric Schneiderman.

The first data breach involved the infection of the Trump Hotels’ system with malware that affected hotels in New York, Las Vegas and Chicago.

A second data breach was discovered in March of 2016, which also involved malware placed on 39 systems, which affected five hotel properties, including the Trump SoHo New York.

According to Schneiderman, Trump violated the New York breach notification law by failing to provide consumers notice “as soon as possible,” as it took Trump Hotels four months to provide notice of the data breaches on its website.

The settlement also requires Trump Hotels to enhance its data security practices.

Schneiderman previously filed suit against Trump in 2013 over Trump University real estate seminars, and it has been reported that Schneiderman is now also investigating Trump’s charitable foundation for alleged violations of New York not for profit laws.