Up to 500 million customers may have had their personal info compromised in a huge Marriott data breach, and investigators are now coming across clues as to who may be behind the hack. Sources tell Reuters that digital fingerprints—i.e., previously used "hacking tools, techniques, and procedures"—point to Chinese hackers, with the breach perhaps more a spying initiative than a financially motivated effort. Not that it's a slam dunk on IDing the suspect or suspects: The sources note it looks like multiple groups have apparently been mucking about in Starwood's reservations databases over the past four years, and that the tools typically used by China were accessible to others online.
A former high-ranking FBI official says the Marriott hack bears striking similarities to a breach carried out by Chinese intel operatives in 2014, while a former DOJ official notes that the lengthy amount of time hackers toiled away within the system also suggests a "government attacker ... Patience is a virtue for spies, but not for criminals trying to steal credit card numbers." A rep for China's Foreign Ministry is pushing back at the "gratuitous accusations," while a Marriott rep simply tells Reuters, "We've got nothing to share." Read the full piece here. (Or read more on the hack here.)