U.S. investigators have identified state-sponsored Chinese hackers as the party most likely responsible for the Marriott hotels data breach that exposed the personal information of roughly 500 million people, according to a report Tuesday.
The hackers are said to have acted on behalf of China’s Ministry of State Security, Beijing’s civilian spy agency, the New York Times reported, citing two sources familiar with the investigation. China’s Ministry of Foreign Affairs denied the country was responsible for the hack.
“China firmly opposes all forms of cyberattack and cracks down on it in accordance with the law,” a ministry spokesman said. “If offered evidence, the relevant Chinese departments will carry out investigations according to the law.”
The revelation comes amid an escalating trade conflict with the U.S. and China. The Trump administration slapped tariffs on $250 billion worth of Chinese-made goods earlier this year in a bid to crack down on intellectual property theft and other illicit corporate practices.
The Trump administration is said to be planning indictments of Chinese hackers operating on behalf of the country’s intelligence services and military. Officials are also preparing to declassify documents detailing efforts by Chinese agents to compile a database of American executives with security clearances.
In a hack dating back to 2014, hackers gained access to a swath of personal data from Marriott and Starwood hotel guests, including credit card information and passport numbers. The data breach, which was not discovered until this year, ranks among the largest in U.S. history.
The hackers also gained access to health insurers and security clearance data for millions of other Americans, the Times reported.