New York Times: Chinese hackers behind massive Marriott breach

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

New York Times: Chinese hackers behind massive Marriott breach Full credit: Andrew Harrer/Bloomberg/Getty Images

By Chris Isidore, CNN Business

A massive data breach at a hotel group owned by Marriott has been traced to Chinese hackers working for the Ministry of State Security, the country’s civilian spy agency, according to The New York Times.

The hack exposed data from approximately 500 million Starwood hotel customers. It also included health insurers and the security clearance files of millions more Americans, according to two people briefed on the investigation, the Times reported.

CNN Business has not independently confirmed the report.

The Times also cited four unnamed US officials who said there could be indictments against Chinese hackers working for the intelligence services and the military. It said the Trump administration also plans to declassify intelligence reports to reveal Chinese hacking efforts dating to at least 2014.

The report comes amid growing tensions between the United States and China. The Trump administration continues to threaten China with taxes on hundreds of billions of dollars of exports to the United States if the countries cannot reach a trade resolution in the coming months.

The United States is also seeking the extradition of the chief financial officer of Chinese tech giant Huawei. She was arrested in Canada this month at the request of US authorities but released on bail there late Tuesday.

The breach of the Starwood reservation system is one of the largest ever, and the company said it is focused on finding out what happened. Marriott bought the Starwood hotel group, which includes Sheraton, Westin, W and St. Regis, in 2016 for $13 billion.

“Our primary objectives in this investigation are figuring out what occurred and how we can best help our guests,” Marriott said in a statement Wednesday. “We have no information about the cause of this incident, and we have not speculated about the identity of the attacker.”

Marriott says that 327 million people had their names, phone numbers, email addresses, passport numbers, dates of birth and arrival and departure information exposed. More than 100 million other customers’ credit card numbers and card expiration dates were potentially compromised.

Marriott has warned that that it can’t confirm if the hackers were able to decrypt the credit card numbers.

“We fell short of what our guests deserve and what we expect of ourselves. We are doing everything we can to support our guests, and using lessons learned to be better moving forward,” CEO Arne Sorenson said in November.

Correction: An earlier version of this story misidentified the reservation system that was hacked, and some of the customers affected.

Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.