Skip to content

Chinese hackers breach US telecom, access govt communications

  • by
  • 2 min read

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have disclosed that hackers tied to the Chinese government, Salt Typhoon, accessed the private communications of select U.S. government officials by infiltrating several major telecommunications providers. The breach also reportedly allowed attackers to collect data on customer call records and details related to law enforcement requests.

The joint statement, released by CISA and the FBI, confirms the breach at multiple broadband providers, including major names like AT&T, Verizon, and Lumen Technologies.

Salt Typhoon — also known as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286 — focuses on targeting government entities and telecommunication companies in Southeast Asia.

It is estimated that the hackers may have maintained network access for months, allowing them to collect extensive internet traffic. This prolonged access would have potentially provided hackers with sensitive data from big and small businesses that could affect millions of Americans.

New revelations show that corporate america is largely pro-china

The agencies’ statement confirmed that the attackers exploited the networks to steal customer call records and obtain information related to law enforcement requests, which require court approval in the United States. Notably, the breach extended to the private communications of individuals engaged in political or government activities, adding a troubling security angle to the attack.

“Specifically, we have identified that PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders,” said the joint statement.

Last week, it was reported that Earth Estries was conducting a sophisticated campaign to target exchange servers and network tools.

Another Chinese hacker group, Volt Typhoon, hacked Singapore’s largest mobile carrier, Singapore Telecommunications Ltd. This breach was discovered in June and is part of a broader campaign by the threat actor against telecommunications and critical infrastructure.

In the News: The Guardian leaves X, citing racism and far-right content

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

Related Reads

This is an image of dark web hacker security

Security flaw in Dahua CCTVs allows remote access

This is an image of python windows featured

Hackers are targeting Python developers with fake PyPI sites

This is an image of apple featured 2323424823

Apple patches Safari bug; Already exploited in Chrome

This is an image of dark web hacker security

Vibe coding platform breach exposes corporate apps

This is an image of dark web hacker security

Fake apps are stealing data blackmailing users on Asian mobile networks

This is an image of ransomware 32988sd

FBI collects dues from Chaos ransomware gang; $2.4 million in crypto seized

>