Speculation about the criminals responsible for the Starwood/Marriot breach has centered on nation-state actors. In a new article, Reuters is reporting that "sources familiar with the matter" claim hackers left clues pointing toward China as the party responsible for the attack.
According to the article, the attackers used "hacking tools, techniques and procedures" previously used by known Chinese hackers. The sources caution, though, that two factors make conclusive attribution difficult at this point.
First, the tools that point toward China are now commonly available to, and used by, hackers around the world. Next, investigators have come to suspect that multiple groups may have been active in the databases during the four-year duration of the breach.
Read more here.