AT&T announced that its networks have been fully purged of intrusions by the Chinese group Salt Typhoon. The telecom representatives clarified that the cyberattack served as a springboard for accessing other critical information.
Company officials stated that no hacker activity has been detected at present. According to the investigation, the attack targeted a select group of individuals of interest to intelligence services. In cases where information was compromised, the company fulfilled its notification obligations and is working in coordination with law enforcement agencies.
To safeguard user data, AT&T continues to collaborate with governmental organizations, other telecommunications companies, and independent experts. Efforts are underway to monitor and eliminate threats within its networks.
Earlier reports indicated that Salt Typhoon’s attacks also affected Verizon and several other operators. The hackers potentially gained access to systems used by federal authorities for wiretapping during investigative operations. The White House confirmed the breach of nine telecommunications companies; however, the list of affected entities was not disclosed. Administration representatives noted that it remains challenging to determine the exact number of impacted Americans or the timeline for completely neutralizing the threat.
China has repeatedly denied involvement in the incident. During a closed meeting organized by the Biden administration, vulnerabilities in the telecommunications sector were discussed.
U.S. government officials have long warned of Chinese espionage operations, including cyberattacks on vulnerable networks such as power plants and airports. Concerns are growing that such attacks may serve as preparation for future cyber campaigns capable of causing significant disruptions in the event of a conflict.
Salt Typhoon (also known as GhostEmperor and FamousSparrow) has been active since 2020, specializing in data theft and reconnaissance, particularly intercepting internet traffic. Most of its targets are located in North America and Southeast Asia. Other Chinese hacker groups, such as Flax Typhoon and Volt Typhoon, have already attempted to breach critical U.S. infrastructure and were preparing for potential cyberattacks.
