Less than a month since Marriott International’s Starwood hotel chain announced that a major data breach had affected 500m customers, it now seems that some progress has been made tracking down the source of the leak.
According to a New York Times report, cybersecurity experts in the US have identified state-sponsored Chinese hackers, Beijing’s civilian spy agency, as the party responsible for the data breach.
The report states that two unnamed US officials working on the investigation said that the hack was part of China’s efforts to gain personal data such as credit card numbers and passport information from millions of Americans living in the US.
The Times also reports that hackers also gained access to health insurers and security clearance files of millions of Americans. However, according to the report, speculation about the group being responsible for the hack has been denied by Chinese officials.
The revelation comes amid tensions between on-going tensions between the US and China. The Trump administrations imposed tariffs of 25% on $50bn worth of Chinese imports. The Trump administration is also in the middle of preparing an indictment against Chinese hackers working for the intelligence services.
The data breach of Starwood’s system is one of the largest data breaches to date.
Marriott’s response to the data breach
“Our primary objectives in this investigation are figuring out what occurred and how we can best help our guests,” Marriott said in a statement Wednesday. “We have no information about the cause of this incident, and we have not speculated about the identity of the attacker.”
“We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and are using lessons learned to be better moving forward,” CEO, Arne Sorenson, said in November.