Chinese Hackers Reportedly Behind Massive Marriott Cyberattack That Affected Up To 500 Million Customers

According to the New York Times, the Marriott data breach was conducted as part of a larger effort led by China. Around 500 million users’ personal information was exposed in the breach.

The hackers of the Marriott breach have reportedly been working for the Ministry of State Security of China, according to the Times, citing two people who briefed on the preliminary results of the investigation. The Times also added that this revelation emerged as the Justice Department of US is about to announce new indictments against Chinese hackers who work for the intelligence and military services.

Last month, the American hospitality company Marriott announced that its guest reservation database of the company’s Starwood division had been compromised. The division includes many famous brands such as W Hotels, Westin, Sheraton, Le Meridien, Aloft, St. Regis, and Four Points by Sheraton. The company revealed that the stolen data included payment card numbers as well as expiration dates.

A spokeswoman of Marriott said that the company didn’t know this incident’s cause and had not speculated about the identity of the attacker.

Investigations of the breach had discovered the hacking procedures, techniques, and tools that had been already used in previous cyber attacks linked to Chinese hackers.

These findings of the investigation were revealed when there has already been a precarious relationship between China and the US over trade talks. Just on December 1, Huawei’s CFO was arrested by the Canadian authorities as a request of the US as it accused her of helping Huawei to get around sanctions on Iran.

This Marriott incident is just one among a long list of companies who affected by cyber attacks. In November, Cathay Pacific - a Hong Kong airline announced that they were involved in a data breach which affected 9.4 million customers. Back in September, the social networking giant Facebook also announced that 50 million Facebook users were affected in a data breach.