Unusual Whales

Chinese attackers have infiltrated US telecom providers such as AT&T, Verizon and T-Mobile to monitor US officials, and even politicians like Trump and Harris

Unusual Whales -

In the spring, federal officials began investigating a significant Chinese breach of global telecommunications systems, which they warned on Tuesday is “ongoing” and potentially more extensive than initially believed.

First disclosed publicly in October, the breach has been attributed to Salt Typhoon, a hacking group linked to the Chinese government. The campaign targeted dozens of telecommunications companies in the U.S. and abroad, aiming to access data from U.S. political leaders and national security systems.

Previously undisclosed details about the timeline and scope of the intrusion reveal it was detected between late spring and early summer, according to Jeff Greene, executive assistant director of cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), and a senior FBI official. While investigations began in October, Greene acknowledged, “We cannot say with certainty that the adversary has been evicted” and emphasized ongoing efforts to track the threat.

Greene advised Americans to adopt encrypted communication tools to enhance security, noting, “We need to secure our networks long-term.” The breach is believed to have infiltrated up to 80 telecommunications companies and internet service providers, including AT&T, Verizon, and T-Mobile.

Earlier Tuesday, a joint alert from CISA, the FBI, the National Security Agency, and allied agencies in New Zealand, Australia, and Canada warned of Chinese efforts targeting “major global telecommunications providers.” The United Kingdom did not sign on to the alert, citing differing timelines and priorities. However, the U.K.’s National Cyber Security Centre affirmed support for improving international telecommunications security.

The breach affected three groups of victims. The first group, primarily located in the “Capital Region,” had call records stolen. A second group included a small number of political and government-affiliated individuals whose private communications were compromised; all have been notified. POLITICO previously reported that phones belonging to President-elect Donald Trump and Vice President-elect JD Vance were compromised before the election. The third group involved access to and copying of U.S. court orders submitted under the Communications Assistance for Law Enforcement Act (CALEA), including those related to foreign intelligence surveillance.

When asked about the potential exposure of court orders under the Foreign Intelligence Surveillance Act (FISA), an FBI official declined to comment directly but confirmed that FISA-related orders are part of the CALEA environment.

The campaign has heightened concerns among U.S. lawmakers. Senate Intelligence Committee Chair Mark Warner (D-Va.) called it “the most serious breach in our history.” Senator Mike Rounds (R-S.D.) emphasized the threat, warning that unless specialized apps are used, “any cell phone conversation in America could be reviewed by the Chinese Communist government.”