Join us at TNW Conference 2022 for insights into the future of tech →

The heart of tech

This article was published on December 12, 2018

Starwood breach affecting 500M users reportedly part of a larger Chinese state-sponsored attack

Starwood breach affecting 500M users reportedly part of a larger Chinese state-sponsored attack
Abhimanyu Ghoshal
Story by

Abhimanyu Ghoshal

Managing Editor

Abhimanyu is TNW's Managing Editor, and is all about personal devices, Asia's tech ecosystem, as well as the intersection of technology and Abhimanyu is TNW's Managing Editor, and is all about personal devices, Asia's tech ecosystem, as well as the intersection of technology and culture. Hit him up on Twitter, or write in: [email protected].

Remember that massive breach of the Mariott-owned Starwood hotel chain from last month, which saw 500 million users’ data stolen? The New York Times reports that the intrusion was part of a larger state-sponsored intelligence-gathering effort spurred on by China‘s spy agency, the Ministry of State Security.

China was suspected to be behind the attack on Mariott’s network – which took place in September – from the time the breach was discovered. That’s from various security firms’ assessments of the code and patterns used in the attack, which they deemed similar to previous operations by Chinese hackers.

As you’d expect, China denies it had anything to do with it. Geng Shuang, a spokesman for China’s Ministry of Foreign Affairs said:

China firmly opposes all forms of cyberattack and cracks down on it in accordance with the law,” he said. “If offered evidence, the relevant Chinese departments will carry out investigations according to the law.

According to the NYT’s sources, the aim of this widespread attack is to gather intelligence on American spies, as well as to pick up data that could be used for counterintelligence operations, and to target individuals.

Whoever’s behind the Mariott breach got hold of some 327 million guests’ passport information; that’s notable, when you consider that the company – which is now the world’s largest hotel chain – is the top hotel service for American government and military personnel.

With all the data the hackers have gathered, they could track “which Chinese citizens visited the same city, or hotel, as an American intelligence agent who was identified in data taken from the Office of Personnel Management or from American health insurers that document patients’ medical histories and Social Security numbers.”

The report follows a major breach of the US Office of Personnel Management from 2014, in which 19.7 million background investigation forms were accessed. That attack was also linked to Chinese hackers.

All this at a time when tensions over trade regulations between the US and China are high – and when another major incident is exacerbating the strain on this relationship: Chinese telecom giant Huawei’s CFO Meng Wanzhou had recently been arrested (and now granted bail) over its violations of US trade sanctions against Iran.

It won’t be easy to smooth things over between the two superpowers given the current state of affairs and the ongoing cyberwar efforts from China – but apparently, the White House is trying its best. Good luck, President Trump.

Also tagged with