Private investigators for Marriott say Chinese hackers are emerging as suspects in the security breach that left the personal information of up to 500 million hotel guests exposed.
Sources familiar with Marriott's internal investigation told Reuters that the methods used in the recent hack are similar to the tools, techniques and procedures that Chinese hackers have deployed before.
While China is the leading suspect, Marriott is still investigating other possibilities, the sources told the news service.
Marriott last week said it was alerted in September to the breach by an internal security tool, which revealed there had been unauthorized access to the Starwood Hotels reservation database since 2014.
The Chinese government is denying any involvement in the hack, which compromised information including guests' passport details, phone numbers, email addresses and possibly some credit card information.
“China firmly opposes all forms of cyber attack and cracks down on them in accordance with law,” Chinese Ministry of Foreign Affairs spokesman Geng Shuang told Reuters. "If offered evidence, the relevant Chinese departments will carry out investigations according to law."
Marriott declined to comment for the Reuters report.
Michael Daly, the CTO of Raytheon Intelligence’s cybersecurity division, last week said the breach was a national security concern.
"This is much more than a consumer data breach,” Daly said. “When you think of this from an intelligence gathering standpoint, it is illuminating the patterns of life of global political and business leaders, including who they traveled with, when and where."
"That is incredibly efficient reconnaissance gathering and elevates this breach to a national security problem," Daly added.
The FBI is investigating the Marriott hack. It is the second largest cyber breach in terms of the number of people affected.