It seems as Marriott bought itself a Chinese data breach, so to speak. New details are emerging from the recent Marriott hack, and fingers are being pointed at the Chinese.
A report by the New York Times (opens in new tab) claims hackers behind the attack could be linked to China's Ministry of State Security, the government's intelligence gathering office. And this wasn't the group's first successful raid – the report also links it to cyberattacks against health insurers and a few instances of US security clearance files theft.
The Chinese are, obviously, denying everything. Ministry of Foreign Affairs’ spokesperson told the New York Times that they don’t know how or why the attacks happened.
"If offered evidence, the relevant Chinese departments will carry out investigations according to the law," it was said.
Marriott was breached through Starwood, whose guest reservation database had been hacked back in 2014. The company was acquired by Marriott in 2016, and the breach was uncovered in November this year.
It was reported that guest names, mailing addresses, phone numbers, passport numbers, dates of birth, and Starwood Preferred Guest ("SPG") account information was stolen. In some instances, the attackers also stole credit card data.
China and the US are involved in a trade war at the moment. First the US pressured ZTE into paying a $1bn fine and changing its entire management staff (opens in new tab). Then, it started lobbying among its allies to exclude Huawei from building 5G networks out of alleged fear for national security (opens in new tab). It seems to be working as a number of countries have announced cutting ties with Huawei (opens in new tab) when it comes to building 5G networks.
China, on the other hand, responded by banning the sales of all iPhones (opens in new tab) released between 2016 and 2018.
Huawei’s CFO has recently been arrested in Canada (opens in new tab) and is facing extradition to the US because of alleged fraud.
Photo credit: karen roach / Shutterstock