- The Marriott hotel group announced a major data breach that affected 500 million customers.
- US investigators reportedly believe Chinese state hackers are behind the attack, which began four years ago.
- Marriott is the top hotel provider to the US government and military personnel.
- The data breached included credit card details and passport numbers.
- China has reportedly been trying to build a database containing US government officials’ personal information.
- Beijing has denied involvement in the attack.
US investigators have reportedly traced the massive data breach on Marriott customer data to Chinese hackers, a move that will likely exacerbate ongoing US-China economic tensions.
The Post’s sources warned against making definitive conclusions on the attack, as the investigation was still ongoing, but said the methods of the hack suggested it was state-sponsored. Private investigators also identified the techniques as those previously used in attacks attributed to Chinese hackers, Reuters reported.
Marriott, which operates more than 5,800 properties in more than 110 countries, says it is the top hotel provider to the US government and military personnel.
The hotel chain announced in late November that about 500 million customers had their personal data breached in the attack, which began four years ago.
About 327 million of them had information like their name, phone number, and passport number taken, while an unspecified number had their credit card details taken.
The Trump administration has been planning to declassify US intelligence reports that show China’s efforts to build a database with the names of US government officials with security clearances, the Times reported.
People involved in the company’s private investigation into the breach also said the hackers may have been trying to collect information for China’s spy agencies, rather than for financial gain, Reuters reported.
Passport numbers, which are not usually collected in data breaches, may have been a particularly valuable discovery for the hackers, the Post said.
Beijing has denied responsibility for the attack.
Geng Shuang, a spokesman for the country’s foreign ministry, told reporters last week: “China firmly opposes all forms of cyber attack and cracks down on it in accordance with the law. If offered evidence, the relevant Chinese departments will carry out investigations according to the law. We firmly object to making groundless accusations on the issue of cyber security.”
Reports of Beijing’s involvement in the Marriott breach comes amid mounting tensions between the US and China over trade tariffs and cyber policies.
Washington has been planning to issue a series of measures that include indictments and possible sanctions against Chinese hackers, The Times and Post both reported.
Beijing is currently reeling over the arrest of Meng Wanzhou, the CFO of Chinese telecom giant Huawei and the daughter of the company’s founder, over her alleged involvement in Iran sanction violations.
She was granted bail at $US7.4 million while she awaits a hearing for extradition to the US. Last week, Beijing summoned the US ambassador to China and warned of “grave consequences” if Meng was not released.
Business Insider Emails & Alerts
Site highlights each day to your inbox.