Chinese hackers believed to be behind massive Marriott data breach

The Starwood hackers used the same cloud hosting service that previous Chinese hackers had used. (Source: TechSpot)

Sources involved in the investigation of the Marriott/Starwood data breach have revealed that Chinese hackers are believed to be behind the incident. Marriott International announced at the end of November that 500 million customer records had been affected by the hacking activity, which apparently had been ongoing since 2014. Information was taken from the Starwood guest reservation database.

Daniel R Deakin, Published 12/12/2018

The New York Times has reported that Chinese hackers are believed to have carried out the hack that involved the records of 500 million Starwood guests. Sources familiar with the investigation have stated that tell-tale signs have pointed towards the involvement of a Chinese intelligence agency rather than the incident just being a random malicious attack or financially related.

According to the report, the information that was on the database has not yet appeared on the dark web or websites where hacked data has been exchanged for financial gain in the past, leading investigators to believe the hack was carried out by a government agency rather than a criminal entity. The methods used in the hack, such as server hopping, have also been linked with previous Chinese-based cyber attacks.

The accusation comes at a turbulent time for US-China relations in general, and especially so in the technology sector. President Donald Trump has threatened to place tariffs on tech hardware coming out of China, and Chinese Huawei executive Meng Wanzhou is currently on bail in Canada awaiting her extradition hearing.

Marriott announced it was purchasing Starwood in 2015 and the deal was finalized in 2016 for US$13.6 billion. The company has created a special website to assist guests who may have been affected by the 2018 data breach.

Source(s)

Chinese-affiliated hackers compromised 25 global telecommunications companies for over 7 years 06/25/2019

Dell has really dropped the ball here. (Image source: Dell)

Dell laptops confirmed to be affected by serious SupportAssist security flaw 05/03/2019

Asus releases patch to fix Operation ShadowHammer vulnerability in Live Update Utility 03/26/2019

Not what you'd expect from Nokia. (Source: Yle)

Some Nokia devices have been clandestinely sending user data to China 03/22/2019

Ghidra, the NSA's homegrown decompiler tool, is now open source 03/06/2019

The hacker stole account information from the dating website/app Coffee Meets Bagel. (Source: Coffee Meets Bagel/VentureBeat)

Remember to have protection on Valentine's Day - for your data 02/15/2019

Collection #1 breach notification by Have I Been Pwned (Source: Personal email)

Collection #1 is one of the world's worst data breaches so far, with more than 772 million accounts affected 01/17/2019

Fortnite is now used for online money laundering via V-Bucks

Fortnite is being used to launder cash 01/15/2019

Microsoft issues patch for Internet Explorer vulnerability found by Google 12/20/2018

NASA server room, NASA servers compromised in October 2018 attack

NASA has been compromised in October, the magnitude of the breach is still unkown 12/19/2018

After "password" the next worst whole-word password is "sunshine". (Source: BetaNews)

"123456" and "password" are officially 2018's worst passwords 12/16/2018

Meng's supporters have been protesting outside the British Columbia Supreme Court. (Source: bdnews24)

Huawei's Meng Wanzhou granted bail set at CA$10 million; Chinese officials detain Canadian ex-diplomat 12/12/2018

Meng Wanzhou could face a lengthy prison sentence in the US. (Source: Telecoms)

Huawei's CFO Meng Wanzhou faces extradition and fraud charges 12/07/2018

Ms. Meng has been working at Huawei since 1993. (Source: Huawei)

Huawei CFO Meng Wanzhou arrested in Canada 12/06/2018

Dell stated that no products or services were affected by the incident. (Source: V3)

Dell's network affected by attempted hack 11/29/2018

Connor Allsopp (left) and Matthew Hanley (right) have been jailed for their parts in the 2015 TalkTalk hack. (Source: Metropolitan Police)

Two men imprisoned for their involvement in the 2015 TalkTalk hack 11/21/2018

FB Messenger has reportedly been hacked, with thousands of private conversations stolen. (Source: Softonic)

Facebook messages from at least 81,000 accounts hacked & offered for sale online 11/03/2018

Under Armour has recommended that MyFitnessPal users change their passwords immediately. (Source: MyFitnessPal)

150 million MyFitnessPal users affected by hack 03/30/2018

The hackers have been traced spreading the stolen coins to many separate accounts. (Source: Coincodex)

Coincheck hackers get traced as stolen cryptocoins trickle to other accounts 02/01/2018

Equi-fail: Equifax directs customers affected by hack to fake phishing website 09/21/2017

The malware can gain root access on Android phones, exposing the entire device to the hackers. (Source: Android Recovery Mode Screen)

Hackers compromise over 1 million Google accounts 11/30/2016

Read all 1 comments / answer

Loading Comments

Comment on this article

Dual-display Vivo NEX 2 official wi...

World of Tanks 1.3 comes with new o...

Daniel R Deakin - Managing Editor News & Magazine - 3164 articles published on Notebookcheck since 2012

My interest in technology began after I was presented with an Atari 800XL home computer in the mid-1980s. I especially enjoy writing about technological advances, compelling rumors, and intriguing tech-related leaks. I have a degree in International Relations and Strategic Studies and count my family, reading, writing, and travel as the main passions of my life. I have been with Notebookcheck since 2012.

Please share our article, every link counts!