Clues in the breach link it to a nation-state attack from somewhere in Asia;Attackers accessed the data via a database containing guest information. They’ve been inside the Marriott network since 2014;Experts have hypothesized it was via a phishing attempt;To avoid data loss prevention tools, the attackers encrypted and exfiltrated the data (including credit card numbers).