US Confirms China-Backed Hack of Telecom Firms

The U.S. government has revealed that hackers with ties to China broke into several U.S. phone companies to get to the wiretap systems that police use to spy on Americans

CISA and the FBI said in a joint statement released on Monday that they had found “a broad and significant” cyber espionage operation involving people with ties to the PRC breaking into networks at “multiple telecommunications companies” in the United States.

While neither CISA nor the FBI named the organizations whose networks were broken into, The Wall Street Journal says that AT&T, Lumen (formerly CenturyLink), and Verizon are among the telecom companies whose networks were broken into.

According to the WSJ, Chinese hackers had been able to get into the networks “for months or longer,” which let them collect “internet traffic from internet service providers that count businesses big and small, as well as millions of Americans, as their customers.”

On Monday, U.S. government agencies revealed that the breaches let “customer call records data” be stolen and “a small number of individuals’ private communications were compromised.”

The agencies didn’t say who they were after but said that the people in question “are primarily involved in government or political activity.” Last month, it was said that hackers with ties to China had gone after the phones of Sen. JD Vance, who was running with Trump for president, and Donald Trump.

The hacking operation by the PRC also helped hackers with ties to China—

the statement said they were asked by “Salt Typhoon” to copy “certain information subject to U.S. law enforcement requests under court orders.”

The FBI and CISA had earlier said they were looking into hacking groups backed by China that got into several telecommunications providers. However, they hadn’t said if any data was stolen or if the hackers got into the systems used to carry out legal wiretap requests.

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said, “They are continuing to provide technical assistance, share information quickly to help other possible victims, and work to strengthen cyber defenses across the commercial communications sector.” “Any organization that thinks it might be a victim should contact the FBI Field Office or CISA in their area.”