Report: Clues Suggest Chinese Hackers Behind Marriott Breach

Dec 7, 2018

This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.

Clues left behind in the Marriott data breach suggest that the hackers might be intelligence officers backed by the Chinese government.

According to a new report by Reuters, officials investigating the vast breach of customer data say the the Marriott hackers used “tools, techniques and procedures previously used in attacks attributed to Chinese hackers.” Marriott disclosed the massive data breach on Friday, estimating that up to 500 million customers could have had their personal information copied and encrypted into a database by the hackers over the course of four years.

That stolen information mostly includes“some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, and communication preference,” Marriott said. An undisclosed amount of customers’ payment card information was also taken and possibly unencrypted.

China is now the lead suspect in the breach, the sources familiar with the investigation told Reuters. But, it is possible that another group of hackers used the same techniques attributed to Chinese agents, because their tactics are posted online and accessible for others to utilize. In fact, the same source said that multiple hacking entities could have accessed the Starwood database during the same time period, which began in 2014.

Starwood merged with Marriott earlier this year to create the world’s largest hotel chain.

In addition to contacting customers affected by the breach, Marriott said it would pay for new passports for its guests that could prove their passport numbers had been used to commit fraud. For more information on protecting data that could have been compromised in the breach, see this article.

Featured image by Miguel Candela/SOPA Images/LightRocket via Getty Images.

Chase Sapphire Preferred® Card

WELCOME OFFER: 80,000 Points


CARD HIGHLIGHTS: 2X points on all travel and dining, points transferrable to over a dozen travel partners

*Bonus value is an estimated value calculated by TPG and not the card issuer. View our latest valuations here.

Apply Now
More Things to Know
  • Earn 80,000 bonus points after you spend $4,000 on purchases in the first 3 months from account opening. That's $1,000 when you redeem through Chase Ultimate Rewards®. Plus earn up to $50 in statement credits towards grocery store purchases within your first year of account opening.
  • Earn 2X points on dining including eligible delivery services, takeout and dining out and travel. Plus, earn 1 point per dollar spent on all other purchases.
  • Get 25% more value when you redeem for airfare, hotels, car rentals and cruises through Chase Ultimate Rewards®. For example, 80,000 points are worth $1,000 toward travel.
  • With Pay Yourself Back℠, your points are worth 25% more during the current offer when you redeem them for statement credits against existing purchases in select, rotating categories.
  • Get unlimited deliveries with a $0 delivery fee and reduced service fees on eligible orders over $12 for a minimum of one year with DashPass, DoorDash's subscription service. Activate by 12/31/21.
  • Count on Trip Cancellation/Interruption Insurance, Auto Rental Collision Damage Waiver, Lost Luggage Insurance and more.
  • Get up to $60 back on an eligible Peloton Digital or All-Access Membership through 12/31/2021, and get full access to their workout library through the Peloton app, including cardio, running, strength, yoga, and more. Take classes using a phone, tablet, or TV. No fitness equipment is required.
Regular APR
15.99%-22.99% Variable
Annual Fee
Balance Transfer Fee
Either $5 or 5% of the amount of each transfer, whichever is greater.
Recommended Credit

Editorial Disclaimer: Opinions expressed here are the author’s alone, not those of any bank, credit card issuer, airlines or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

Disclaimer: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser’s responsibility to ensure all posts and/or questions are answered.