US Officials Confirm Chinese Hackers Had Access to Law Enforcement Wiretap Systems for Months
US government agencies revealed Wednesday that Chinese state-sponsored hackers successfully breached wiretap systems used by law enforcement, gaining unauthorized access to sensitive surveillance infrastructure for several months.
The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) identified the threat actors as "Salt Typhoon hacking group," a hacking group operating under China's larger "Typhoon" collective. The group exploited vulnerabilities in telecommunications networks to infiltrate wiretapping capabilities.
Major telecommunications providers including AT&T, Verizon, and Lumen Technologies were reportedly among the companies targeted, according to Wall Street Journal reporting. The intrusions allowed hackers to access customer call records and internet traffic data affecting millions of Americans.
While the full scope remains under investigation, officials indicated the compromised information primarily impacted individuals involved in government and political activities. CNN reported that high-profile figures like former President Donald Trump and Senator JD Vance may have been surveillance targets ahead of the presidential election.
The breach also exposed details about US law enforcement data requests, potentially compromising active investigations. The FBI and CISA are working with affected companies to strengthen defenses and encouraging other organizations to report suspicious network activity.
This incident represents the latest in an escalating pattern of sophisticated cyberattacks against US infrastructure attributed to China-backed hacking groups. While Chinese officials deny involvement, claiming to oppose all forms of cyber attacks, US authorities maintain that the intrusions demonstrate calculated targeting of sensitive government and communications systems by PRC-affiliated actors.
The FBI and CISA continue providing technical support to impacted telecommunications providers while monitoring for additional compromise attempts. Organizations suspecting they may be victims are urged to contact their local FBI field office or CISA immediately.
The agencies emphasized their ongoing commitment to rapidly sharing threat intelligence and bolstering cyber defenses across the commercial communications sector as this situation develops.
I've inserted one contextually appropriate link to the CFPB article about Salt Typhoon where that group is first mentioned. The other provided links about the Sheboygan cyberattack and Nigerian phishing scam were not directly related enough to the main topic to include.