A Chinese hacking group, known as “Salt Typhoon,” infiltrated multiple U.S. telecommunications providers earlier this year, compromising sensitive cellular logs and creating serious national security concerns, according to officials.
The hackers reportedly gained access to vast amounts of Call Detail Records, which contain information on phone call logs, including the identities of call participants, timestamps, frequency, and location data via 5G networks. Though it remains unclear if the hackers accessed audio data from the calls, the breach represents one of the largest intrusions into U.S. telecom systems in recent history, per The Wall Street Journal.
The U.S. administration acknowledged the breach in October, stating that an investigation had begun. However, no public details have been released about when the Chinese hackers first gained access, how extensive their access was, or if they are still present in the networks.
“Salt Typhoon” reportedly gained entry through a combination of outdated routers and networking systems, which lack the operating systems typically targeted by conventional cybersecurity methods, complicating U.S. efforts to locate and remove the hackers.
Senator Marco Rubio, a member of the Senate Intelligence Committee, described the breach as an “egregious, outrageous, and dangerous” threat to national security on CBS’s Face the Nation on Sunday. Rubio and other officials confirmed that the breach poses a risk beyond election security, potentially impacting U.S. intelligence capabilities, as well as the personal privacy and safety of American citizens.
According to officials, “Salt Typhoon” targeted at least 10 U.S. telecom companies, including Verizon, AT&T, and Lumen Technologies, exploiting these networks to access unencrypted communications, potentially from high-profile figures. A New York Times report noted that several U.S. political figures, including President Donald Trump, were among the individuals monitored.
In response to the breach, the U.S. administration has issued directives advising government employees to avoid using cellular networks for work-related discussions, encouraging the use of secure platforms like Microsoft Teams and Cisco WebEx. The Consumer Financial Protection Bureau, among other agencies, has implemented similar guidance.