Investigators looking into the Marriott's Starwood hotel chain attack think the hackers working with Chinese authorities were responsible.
According to sources familiar with the situation, reported Business Insider, clues left behind after the attack led investigators to China. These clues included similar tools used to launch other attacks on businesses that were later found to originate from China.
Investigators think the hackers were told to find out information for the country's espionage campaign rather than to steal money from Marriott customers. However, Marriott Hotels said it had no information to share as the investigation continues.
The attack began four years ago and has resulted in the loss of 500 million customers who had used the subsidiary Starwood hotels reservation system. Stolen data included customer data included names, passport numbers, addresses, phone numbers, birth dates and email addresses. Encrypted credit card data was also taken in some cases.
Evidence has arisen that suggests criminals may have had access to its systems for four years, before the Marriott Group even acquired Starwood Hotels.
This would place it just after an attack on the US Government's Office of Personnel Management that compromised the details of tens of millions of government employees. At the time, White House National Security advisor John Bolton told the media he thought Chinese criminals were responsible for the hack, despite the Chinese government insisting its people weren't responsible.
The sources suggesting China is responsible also said it's possible a hacker group from another country was responsible because lots of people have access to the same tools. In fact, China may have been working with a number of other hacking groups, pooling resources to steal as much data as possible.
