Clues in Marriott data breach implicate China: Report
- Marriott International on November 30 reported a massive breach in its Starwood hotel reservation system
- The hotel group said that the information of nearly 500 million guests in its database had been stolen
- Early investigation suggests that the breach could be a result of the hackers working for the Chinese government
Hotel group Marriott International on November 30 reported a massive breach in its data system. The hackers, as the hotel group announced, had stolen the information, including phone numbers, email address, and passport numbers among other things, of nearly 500 million guests in its Starwood hotel reservation system. And now, nearly a week after investigation into the matter has already started yielding results. Early investigation shows that the breach could be a result of the Chinese espionage.
Sources familiar with the matter told Reuters that the hackers involved in the hack have left clues which suggests that they could be gathering intelligence information for the Chinese government. Private investigators investigating the matter have found out hacking techniques and tools that in the past have been accredited to the Chinese hackers.
Notably, while sources have implicated Chinese government adding that the hack lacked a financial motivation, they have also cautioned that it could also be the work of someone else who had access to similar hacking tools. Investigators have also cautioned that the breach could also be the work of multiple hacking groups using a similar technique for getting into Marriott group's customer database.
If the investigation confirms China's involvement in the hack, that could strain the already tense relations between the the US and China.
Both Chinese Embassy in Washington and Marriott spokesperson have declined to comment on the matter.
Meanwhile, Marriott International has agreed to make payments for the passport replacements if in its probe it finds out that the customers have been a victim of the data breach. In an email response to The Washington Post, Marriott spokesperson Connie Kim that that while the chances of hackers using the victim's passport numbers was low, the hotel group was willing to cover the charges for customers requesting passport replacements.
"We are setting up a process to work with our guests who believe that they have experienced fraud as a result of their passports being involved in this incident," she told The Post. "If, through that process, we determine that fraud has taken place, then the company will reimburse guests for the costs associated with getting a new passport," she added.