A Chinese government-linked hacking group has infiltrated multiple U.S. telecommunications companies in a sophisticated cyber espionage operation, potentially compromising systems used for court-authorized wiretapping, according to multiple sources briefed on the matter. The breach, first reported by The Wall Street Journal, involved large U.S. internet service providers, including Verizon, AT&T, and Lumen (formerly CenturyLink).
The hackers, identified as the group “Salt Typhoon,” accessed sensitive systems used to process U.S. federal law enforcement wiretap requests, raising concerns over potential national security risks. Investigators have not confirmed whether the hackers obtained specific wiretap data or other sensitive information.
U.S. officials have been investigating the breach, with help from cybersecurity experts at Microsoft and Google’s Mandiant, and have briefed members of Congress. The investigation remains in its early stages, but officials have expressed concern over the hackers’ skill and ability to avoid detection for an extended period.
The Chinese Embassy in Washington denied any involvement, accusing the U.S. of politicizing cybersecurity issues. This breach is part of a broader pattern of cyberattacks linked to China, which has included intrusions into U.S. government and corporate networks.
Both AT&T and Lumen declined to comment on the breach.
Expanded Coverage: