A massive infiltrative Chinese campaign just gave Beijing unprecedented access to private texts and phone conversations for an unknown number of Americans

A ninth U.S. telecommunications company has been confirmed as a victim of a sweeping Chinese espionage campaign that allowed Beijing officials access to private texts and phone calls of an unspecified number of Americans, a senior White House official stated on Friday.

Earlier this month, Biden administration officials revealed that at least eight telecom firms and dozens of other nations had been targeted in the Chinese hacking operation known as Salt Typhoon. On Friday, Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, disclosed that a ninth company had been identified after the administration issued guidance to businesses on detecting Chinese intrusions in their networks.

This update marks the latest development in a large-scale cyberespionage effort that has raised alarms among national security experts, exposed vulnerabilities in private-sector cybersecurity, and underscored China’s advanced hacking capabilities.

The attackers infiltrated telecom networks to retrieve customer call records and monitor private communications of a “limited number of individuals.” Although the FBI has not disclosed specific victims, officials believe senior U.S. government officials and prominent political figures are among those whose communications were compromised.

Neuberger indicated that the exact number of affected Americans remains unclear due to the sophisticated and discreet nature of the operation, but a “large number” of targets were concentrated in the Washington, D.C., and Virginia areas.

The hackers’ primary goal, according to officials, was to identify phone owners and, if they were “government targets of interest,” intercept their text messages and phone conversations. The FBI reported that most individuals targeted were "primarily engaged in government or political activities."

Neuberger emphasized the necessity for mandated cybersecurity standards within the telecommunications sector. The Federal Communications Commission (FCC) is set to address this issue at an upcoming meeting next month.

“We’ve seen that voluntary cybersecurity measures are insufficient to defend against hacking by China, Russia, and Iran, especially when it comes to protecting critical infrastructure,” Neuberger said.