An internal security tool flagged the possible breach beginning on September 8 and later discovered the hackers had accessed customer information and attempted to remove it in encrypted form, the company said. Besides the information they swiped from Marriott over the last four years, the hackers also reportedly obtained data from health insurers including Anthem and "the security clearance files of millions more Americans" as part of the effort, the report notes. The MSS, an intelligence and security agency, has been behind numerous Chinese government intrusions into sensitive US networks in recent years.
China has repeatedly denied accusations from the USA around the development and deployment of cyberattacks. This time it's being accused of carrying out the Marriott data breach, according to the New York Times.
The New York Times added that the hack into the Starwood database comes as "the Trump administration is planning actions targeting China's trade, cyber and economic policies, perhaps within days". The revelation emerges as the US Justice Department is preparing to announce new indictments against Chinese hackers working for the intelligence and military services, the Times reported. And this wasn't the group's first successful raid - the report also links it to cyberattacks against health insurers and a few instances of U.S. security clearance files theft. "The Trump administration also plans to declassify intelligence reports to reveal Chinese efforts dating to at least 2014 to build a database containing names of executives and American government officials with security clearances". However, according to the report, speculation about the group being responsible for the hack has been denied by Chinese officials. The U.S. suspects Huawei of fraud involving violations of U.S. sanctions against Iran.
Marriott said last week that a hack that began four years ago had exposed the records of up to 500-million customers in its Starwood hotels reservation system. She was arrested in Canada this month at the request of United States authorities but released on bail there late Tuesday.
Marriott on Tuesday reiterated its previous comment on the data breach, saying in a statement: "Our primary objectives in this investigation are figuring out what occurred and how we can best help our guests".