It’s increasingly looking like China was behind the massive Marriott data hack

All signs point to China when it comes to the massive Marriott hack that came to light last month.

The data breach that exposed personal data of around 500 million guests of the hotel chain is believed to part of a Chinese state-run espionage operation, according to multiple sources briefed on the U.S. government’s investigation that spoke with the New York Times and Washington Post.

The intrusion into Marriott International’s Starwood hotel reservation system shared similarities to previous Chinese-government linked intelligence gathering operations. The hackers in the Marriott hotel chain breach used the same cloud hosting service that previous Chinese cyber attacks utilized. The sources familiar with the U.S. investigation also point out that similar techniques, such as server “hopping,” lead to the belief that China is behind the hack.

Perhaps the most telling clue is where the data has not shown up. If the data, which includes personal information such as guests’ names, addresses, credit card and passport numbers, was stolen by criminals with a financial incentive, the info would have shown up for sale somewhere. However, this valuable personal data has yet to appear for sale on the dark web or other forums where this information is typically traded.

A Reuters report published last week first implicated China’s involvement in the cyberattack. The information made public by sources then pointed towards a Chinese spying operation, as opposed to a financially motivated crime, in part due to the longevity of the breach. Marriott first reported the intrusion late last month after it first detected a breach in September. However, the hack had gone undetected for four years.

The U.S. investigation in the Marriott data breach is ongoing and no final conclusion as to who is responsible for the attack has been made.. A spokesman for China’s Ministry of Foreign Affairs denied any Chinese involvement at a press briefing last week.

This new revelation comes at a time when relations between the U.S. and China are already rocky. Just last week the CFO of Chinese electronics manufacturer Huawei was arrested in Canada and is facing extradition charges to the U.S. over Iran sanctions violations. China has demanded her release. On top of these most recent incidents, a U.S.-China trade war looms, regardless of a 90-day truce between President Donald Trump and President Xi Jinping two weeks ago.