Salt Typhoon Breach Expands With Ninth Telecom Firm Compromised

The United States has identified a ninth telecommunications company breached in an extensive espionage campaign attributed to the Chinese state-sponsored hacking group Salt Typhoon. This group, known for its persistent targeting of critical infrastructure, has been linked to previous intrusions across government entities and telecoms globally. A lapse in security was attributed to the recently identified company, as it reportedly had a single administrator account granting access to over 100,000 routers. Deputy National Security Advisor Anne Neuberger remarked in a Bloomberg report, “The reality is that China is targeting critical infrastructure in the United States. Those are private sector companies, and we still see companies not doing the basics.”

Regarding the known major telecommunication providers, AT&T and Verizon, both companies have asserted that their networks are now secure. AT&T confirmed it had detected no ongoing nation-state activity within its networks. “Based on our current investigation of this attack, the People’s Republic of China targeted a small number of individuals of foreign intelligence interest,” an AT&T spokesperson said. The company reported monitoring and remediation efforts to safeguard customer data while working with authorities to mitigate threats, as reported by Reuters. Verizon’s Chief Legal Officer similarly assured that “considerable work” had successfully contained the breach, stating, "We have not detected threat actor activity in Verizon's network for some time," and "that Verizon has contained the activities associated with this particular incident."

The Salt Typhoon campaign raises serious concerns about the undetermined scope of the intrusions, as attackers gained broad access to network data, potentially geolocating millions of individuals and recording phone calls. Officials and industry leaders are addressing these issues with proposals such as a Federal Communications Commission rule requiring annual cybersecurity compliance reports from telecom providers. Furthermore, CISA has urged political figures to adopt encrypted communication methods to mitigate ongoing risks. This breach, described as the “largest telecommunications hack in our nation’s history” by Sen. Ben Ray Luján, emphasizes the need for collaborative efforts between the private sector and government to secure critical infrastructure against nation-state cyber threats.