Chinese hackers breached major U.S. telecommunications providers, including Verizon, AT&T and Lumen, in what U.S. officials believe to be a wide-reaching espionage operation. The hackers, linked to China’s Ministry of State Security, may have accessed sensitive information related to U.S. surveillance and federal wiretap requests, raising significant national security concerns.
The FBI, along with U.S. intelligence agencies and the Department of Homeland Security, launched an investigation into the breach, which officials said could have broader implications beyond federal wiretaps.
The hackers reportedly exploited vulnerabilities in the telecommunications networks, including reconfiguring Cisco routers, to gain undetected access and extract sensitive data, according to officials familiar with the matter.
The operation, referred to internally as “Salt Typhoon,” shared similarities with previous Chinese cyber campaigns, such as the 2010 “Operation Aurora” that targeted U.S. companies, but it is distinct from the more recent “Volt Typhoon” operation, which infiltrated critical U.S. infrastructure.
In the Volt Typhoon breaches, hackers gained access to energy, water and transportation systems, potentially preparing for disruptive attacks in the event of a future U.S.-China conflict.
U.S. officials have not yet determined the full extent of the breach or the specific data obtained by the hackers. However, early reports suggested it may have included information regarding lawful intercept systems used in criminal and national security investigations.
The U.S. government previously responded to similar incidents by taking control of compromised routers and devices used by Chinese state-backed hackers to spy on U.S. organizations.
Despite shared global interests in cybersecurity, officials expressed frustration over China’s refusal to cooperate in addressing these ongoing cyber threats. U.S. officials have raised concerns about Beijing’s commitment to global cybersecurity collaboration.
China’s embassy in Washington dismissed the allegations, accusing the U.S. of spreading disinformation to secure government contracts and funding for intelligence agencies.
“In fact, China is one of the main victims of cyberattacks,” a Chinese embassy spokesperson said in a statement.
The spokesperson also claimed the U.S. was fabricating evidence against Beijing.
The breach is the latest in a series of cyber espionage campaigns attributed to China. In addition to infiltrating U.S. telecommunications and critical infrastructure, Chinese hackers have also conducted disinformation campaigns aimed at undermining confidence in Western institutions.
As investigations continue, U.S. officials are working to assess the scope of the damage and any potential impact on national security.
