The United States government has revealed that a large-scale hacking operation attributed to a Chinese state-linked group, known as Salt Typhoon, has compromised global telecommunications networks. Officials from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) disclosed Tuesday that the breach, which began in late spring, remains active and is potentially more extensive than initially thought.
Salt Typhoon’s efforts were detected in the spring and officially announced in October. The group is believed to have infiltrated at least 80 telecommunications and internet providers, including major U.S. companies like AT&T, Verizon, and T-Mobile. By gaining access to sensitive telecom infrastructure, hackers targeted U.S. political figures, national security data, and private communications.
Among the stolen data were call records, private communications, and U.S. court orders submitted under the Communications Assistance for Law Enforcement Act (CALEA). These court orders, which allow intelligence collection through telecom providers, have raised questions about whether the breach extended to classified surveillance operations under the Foreign Intelligence Surveillance Act (FISA). FBI officials have not confirmed this directly.
Although officials did not disclose all affected individuals, reports suggest that the phones of President-elect Donald Trump and Vice President-elect JD Vance were compromised during the election period. The hack has also disrupted critical data flow in the “Capital Region” and impacted political leaders across the U.S.
Internationally, Salt Typhoon leveraged servers across multiple countries to facilitate its activities. However, the U.K. declined to join the Five Eyes intelligence-sharing group’s joint advisory, opting instead for an independent approach to addressing vulnerabilities in its telecommunications infrastructure.
U.S. officials are urging Americans to adopt encrypted communication methods and enhance personal cybersecurity. “We cannot say with certainty that the adversary has been evicted,” noted Jeff Greene, CISA’s executive assistant director for cybersecurity. This highlights ongoing vulnerabilities as agencies scramble to contain the breach.
Senate Intelligence Committee Chair Mark Warner (D-Va.) called the hack the “most serious breach in our history,” while Sen. Mike Rounds (R-S.D.) warned that most unencrypted communications could be subject to review by the Chinese government. The bipartisan urgency underscores the gravity of the intrusion.
This breach reflects a broader trend of cyberattacks from state-sponsored entities targeting critical infrastructure globally. Beyond the immediate political and security risks, this incident raises concerns about the resilience of global telecom systems against increasingly sophisticated cyberthreats.
For the U.S. and its allies, the breach not only necessitates a coordinated international response but also emphasizes the importance of modernizing cyber defense measures to mitigate future risks.





