Potential China involvement in Marriott data breach, report suggests

Chinese intelligence operatives could have played a role in the recent data breach that hit up to 500 million account holders on the Marriott hotel chain’s Starwood database, Reuters reports.

Private analysts delving into the breach, which Marriott announced last week, have concluded that the tactics, tools and methods the hackers employed are similar to those used in earlier intrusions that were traced back to the Chinese government.

Although sources cited in the analysts’ report are anonymous, the picture painted by the probe suggests hackers in China could have been behind the lengthy attack, and that they were motivated by the push to acquire large-scale data for Beijing intelligence bodies.

The report also concluded that another party could have initiated the attack because some of the same hacking applications employed in the intrusion had been made accessible online beforehand.

Alarmingly, analysts are now considering the strong possibility that more than one hacking party was active inside Marriott’s Starwood database at the same time. This will make it all the more difficult to isolate a main perpetrator for the attack, which was in effect from 2014 to 2018.

The breach of the Starwood database puts swathes of personal data at risk, including email addresses, passport numbers, residential addresses, names, phone numbers and further sensitive information.

Starwood was bought by Marriott International in 2016, creating the biggest hotel chain globally, with over 5,800 properties. Brands within the Starwood network include W Hotels, Sheraton, Le Méridien, and Four Points by Sheraton. Marriott-branded hotels are not thought to be affected because they use a different network.

Among other high-profile brands to have suffered major data breaches recently is Cathay Pacific, which revealed at the start of November that the personal details of 9.4 million passengers may have been compromised after suspicious activity was detected on the carrier’s networks in March 2018.

Facebook also announced in October that it had been the victim of a data breach – the largest in the firm’s 14-year history – which saw the data of 50 million users accessed by an unauthorised party.

Six months on from the implementation of GDPR, it seems not a week goes by without another global brand announcing the loss of sensitive data, either due to irresponsible handling or malicious cyber-attacks.

This latest breach will add momentum to lawmakers and executives’ calls in the US for a more earnest approach to data privacy and tougher, more uniform legislation that galvanises data protection across the States.
