80+ Telecoms Breached: Chinese Hackers Access US Political and Security Data
The U.S. federal government has launched an investigation into a large-scale Chinese breach of global telecommunications systems discovered in late spring 2024. On Tuesday, officials warned that the intrusion is “ongoing” and likely more extensive than previously estimated.
The breach was publicly disclosed in October. American agencies have attributed the attack to the Salt Typhoon hacker group, reportedly linked to the Chinese government. This group targeted dozens of telecommunications companies in the U.S. and worldwide to gain access to data concerning American political leaders and information critical to national security.
Jeff Greene, Executive Assistant Director for Cybersecurity at CISA, and an FBI representative revealed on Tuesday that while agencies began their joint investigation into Salt Typhoon’s activities in early October, the intrusion was first identified “in late spring and early summer.”
“It cannot be stated with certainty that the attackers’ access to the systems has been entirely severed,” Greene stated. “Despite active monitoring, neither we nor our partners can claim a full understanding of the situation.”
Greene urged Americans to “utilize encrypted communications wherever possible,” emphasizing the need to “consider long-term strategies for securing networks.” According to the investigation, up to 80 telecommunications companies and internet service providers, including AT&T, Verizon, and T-Mobile, were compromised.
Previously, CISA, the FBI, the NSA, and partner agencies in New Zealand, Australia, and Canada issued a joint advisory regarding Chinese hacker attacks on global telecommunications providers. The United Kingdom was the sole member of the Five Eyes intelligence alliance not to endorse the document, citing differences in approach and timing.
During a briefing, FBI and CISA representatives categorized the victims of the cyberattack into three groups. The first includes residents of the Washington, D.C., metropolitan area whose phone call records fell into the hands of the hackers, though the exact number of affected individuals remains undisclosed. The second group consists of a small number of politicians and government officials whose confidential communications were breached; this includes devices belonging to President-elect Donald Trump and Vice President-elect J.D. Vance. These compromises occurred before the elections, as previously reported.
The third category involves stolen U.S. court orders accessed via the CALEA program, which enables law enforcement to issue judicial requests for telecommunications data. Although FBI officials did not confirm access to materials related to the Foreign Intelligence Surveillance Act (FISA), they acknowledged that such data might also have been compromised.
Senator Mark Warner, Chair of the Senate Intelligence Committee, described the breach as “the most severe violation in U.S. history.” Senator Mike Rounds, a member of the Senate Armed Services Subcommittee on Cybersecurity, warned during the Halifax International Security Forum, “Without the use of specialized secure applications, any phone conversation by American citizens could be intercepted by the Chinese government.”