Chinese intelligence-gathering spies blamed for Marriott data breach

• The threats actors are believed to be linked to China’s Ministry of State Security.
• The information compromised in the breach includes guests’ names, mailing addresses, phone numbers, dates of birth and more.

A massive data breach at the Marriott hotel group resulted in the compromise of sensitive information of about 500 million guests. While the hotel group is still trying to sort out the matter, researchers discovered that the hackers responsible for the attack may be Chinese state-backed threat actors.

Who is to be blamed?

According to the New York Times, the cyberattack on the Marriott hotel chain was a part of an intelligence-gathering effort conducted by China. The threats actors are believed to be linked to China’s Ministry of State Security.

The information compromised in the breach includes guests’ names, mailing addresses, phone numbers, dates of birth, Starwood Preferred Guest (SPG) account information and payment card details.

The hackers had gained access to Starwood guest reservation database back in 2014. However, the firm came to know about this only in November 2018. The officials with knowledge of the matter revealed that the hackers responsible for Marriott data breach are also linked to cyber attacks launched against health insurers and the theft of US security clearance files, ZDNet reported.

China denies all hacking allegations

Following the development in the matter, a spokesperson for the Chinese Ministry of Foreign Affairs has declined these claims by adding further that they still have no knowledge on how the breach took place.

Commenting on the involvement of Chinese hackers, the spokesperson said, "If offered evidence, the relevant Chinese departments will carry out investigations according to the law,"

Meanwhile, the hotel chain says that it has no information about the cause of the attack.

"Our primary objectives in this investigation are figuring out what occurred and how we can best help our guests. We have no information about the cause of this incident, and we have not speculated about the identity of the attacker," Marriott said in a statement, CNN reported.