China-linked hackers, identified as part of the hacking group Salt Typhoon, reportedly infiltrated US telecommunications networks for up to 18 months undetected, according to a Wall Street Journal investigation.
The breach, which targeted critical surveillance systems and prominent political figures, represents one of the "worst telecom hacks" in US history.
Extent of the breach
Beginning in mid-2023, hackers penetrated networks operated by Verizon, AT&T, and other surveillance systems authorised by US courts. These systems included communications linked to individuals under suspicion of acting as agents for China.
The attack specifically targeted telecommunications from Washington DC, including data tied to President-elect Donald Trump, Vice President-elect JD Vance, Vice President Kamala Harris, and their close associates. Over the course of the breach, the attackers amassed an extensive trove of information, including IP addresses, phone numbers, and other sensitive data affecting more than 1 million individuals.
Sophisticated tactics
Salt Typhoon's operatives reportedly tried to mimic systems engineers and masked their activities to blend in, complicating detection and mitigation efforts. Even after being discovered, they adapted their tactics and remained hidden until as recently as October. Authorities observed the hackers transmitting pilfered data globally before consolidating it in China.
An unnamed senator told the Washington Post in 2024 that this was the "worst telecom hack in our nation’s history — by far."
Fallout and response
In response to the breach, National Security Adviser Jake Sullivan convened meetings with key executives to assess and mitigate the damage. Telecommunications companies offered assurances about their networks' current safety, with AT&T claiming no evidence of ongoing foreign infiltration and Verizon stating it had contained the breach.
However, cybersecurity experts remain sceptical, with concerns that the hackers’ sophisticated methods might leave lingering vulnerabilities. "It's shocking how exposed we are, and still are," said Senator Dan Sullivan from Alaska, describing the breach as "breathtaking."
China has denied culpability.
Speaking to the Washington Post, Liu Pengyu, spokesperson for the Chinese embassy in Washington, said, "Some in the US seem to be enthusiastic about creating various types of 'typhoons'."
"The US needs to stop its own cyberattacks against other countries and refrain from using cybersecurity to smear and slander China," added Pengyu.
(With inputs from agencies)