The recent Marriott Hotel cyberattack that gleaned personal data from nearly 500 million guests in the hotel’s database has been tied to China. The Marriott data not only included credit card information, but passport data, as well.
On Wednesday, the New York Times reported that the data heist was part of a Chinese intelligence-gathering effort that also hacked health insurers and the files of millions more who have government security clearances.
This seemingly tit-for-tat move comes on the heels of the Trump administration’s plan to take action against China’s economic and cyber policies. Among those actions are indictments against hackers employed by China’s military and its civilian spy agency, the Ministry of State Security.
The Marriott breach is just another downed pin in China’s bowling for data game. In October, Bloomberg reported that a Chinese subcontractor added a computer chip to the motherboards used in servers supporting major U.S. companies and government agencies, including the CIA.
Once in place, the chip could have allowed the Chinese government to steal data and conduct surveillance. And in June, a group of China-based hackers went after military contractors in the United States; they were reportedly interested in learning how those contactors run their business.
Hacking is on a trajectory to become consumers’ biggest nuisance. There’s seldom a week goes by that personal data isn’t jeopardized by someone who thinks they can ransom that data into cash.
Despite the 24/7 threat that personal data may be jeopardized, consumers do have options to protect themselves. Protecting personal data can be affordable and, if compromised, identity theft is easy to report. While consumers are quick to blame the business associated with the hack, companies like Marriott have stepped in to help affected consumers.
The Federal Trade Commission has built a one-stop website -- IdentityTheft.gov -- devoted to helping consumers report and recover from identity theft. The agency also produced a video laying out the steps consumers should take if they fear their personal data has been thieved.