The cyberattack on the Marriott hotel chain that collected personal details of roughly 500 million guests was part of a Chinese intelligence-gathering effort that also hacked health insurers and the security clearance files of millions more Americans, according to two people briefed on the investigation.

The hackers, they said, are suspected of working on behalf of the Ministry of State Security, the country’s Communist-controlled civilian spy agency. The discovery comes as the Trump administration is planning actions targeting China’s trade, cyber and economic policies, perhaps within days.

Those moves include indictments against Chinese hackers working for the intelligence services and the military, according to four government officials who spoke on the condition of anonymity. The Trump administration also plans to declassify intelligence reports to reveal Chinese efforts dating to at least 2014 to build a database containing names of executives and American government officials with security clearances.

From the first revelation that the Marriott chain’s computer systems had been breached, there was widespread suspicion in both Washington and among cybersecurity firms that the hacking was not a matter of commercial espionage, but part of a much broader spy campaign to amass Americans’ personal data.

While American intelligence agencies have not reached a final assessment of who performed the hacking, a range of firms brought in to assess the damage quickly saw computer code and patterns familiar to operations by Chinese actors.

The Marriott database contains not only credit card information but passport data. Lisa Monaco, a former homeland security adviser under Mr. Obama, noted last week at a conference that passport information would be particularly valuable in tracking who is crossing borders and what they look like, among other key data.

But officials on Tuesday said it was only part of an aggressive operation whose centerpiece was the 2014 hacking into the Office of Personnel Management. At the time, the government bureau loosely guarded the detailed forms that Americans fill out to get security clearances — forms that contain financial data; information about spouses, children and past romantic relationships; and any meetings with foreigners.

Such information is exactly what the Chinese use to root out spies, recruit intelligence agents and build a rich repository of Americans’ personal data for future targeting. With those details and more that were stolen from insurers like Anthem, the Marriott data adds another critical element to the intelligence profile: travel habits.

Since 2012, analysts at the National Security Agency and its British counterpart, the GCHQ, have watched with growing alarm as sophisticated Chinese hackers, based in Tianjin, began switching targets from companies and government agencies in the defense, energy and aerospace sectors to organizations that housed troves of Americans’ personal information.

At the time, one classified National Security Agency report noted that the hackers’ “exact affiliation with Chinese government entities is not known, but their activities indicate a probable intelligence requirement feed” from China’s Ministry of State Security.

Read more: New York Times