China was behind the Marriott Hotel hack, claim investigators
The investigators think the four-year-old hack was aimed at stealing information, not money
Investigators looking into the Marriott's Starwood hotel chain attack think the hackers working with Chinese authorities were responsible.
According to sources familiar with the situation, reported Business Insider, clues left behind after the attack led investigators to China. These clues included similar tools used to launch other attacks on businesses that were later found to originate from China.
Investigators think the hackers were told to find out information for the country's espionage campaign rather than to steal money from Marriott customers. However, Marriott Hotels said it had no information to share as the investigation continues.
The attack began four years ago and has resulted in the loss of 500 million customers who had used the subsidiary Starwood hotels reservation system. Stolen data included customer data included names, passport numbers, addresses, phone numbers, birth dates and email addresses. Encrypted credit card data was also taken in some cases.
Evidence has arisen that suggests criminals may have had access to its systems for four years, before the Marriott Group even acquired Starwood Hotels.
This would place it just after an attack on the US Government's Office of Personnel Management that compromised the details of tens of millions of government employees. At the time, White House National Security advisor John Bolton told the media he thought Chinese criminals were responsible for the hack, despite the Chinese government insisting its people weren't responsible.
The sources suggesting China is responsible also said it's possible a hacker group from another country was responsible because lots of people have access to the same tools. In fact, China may have been working with a number of other hacking groups, pooling resources to steal as much data as possible.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.