US telco providers allegedly hacked by Chinese hackers, breaching court-ordered wiretaps

WSJ reports a recent cyberattack, allegedly carried out by Chinese hackers, compromised the networks of major U.S. broadband providers Verizon, AT&T, and Lumen Technologies. The hackers reportedly accessed systems used by the federal government to manage court-authorized wiretaps, potentially holding access for months. The breach allowed unauthorized access to sensitive data, including information linked to lawful communications requests and other internet traffic.

The group responsible for this attack is dubbed Salt Typhoon by U.S. investigators, who are working to assess the full extent of the breach. This incident raises serious concerns about national security, especially in the context of escalating tensions between the U.S. and China. The attack bears similarities to other recent cyber espionage campaigns linked to China, including Volt Typhoon and Flax Typhoon, which have also targeted critical infrastructure for intelligence collection purposes.

No details about the nature of the attack and number of affected individuals are disclosed.

China's foreign ministry denied involvement, describing the U.S.'s allegations as part of a "false narrative" aimed at framing Beijing, and urging for international cooperation on cybersecurity issues. Meanwhile, the FBI and other agencies are continuing their investigation into the breach.

Update - as of 11th of November, the U.S. government has confirmed that hackers with links to China breached multiple U.S. telecommunication service providers to access the wiretap systems used by law enforcement to surveil Americans.
In a joint statement published on Monday, CISA (Cybersecurity and Infrastructure Security Agency) and the FBI said they had uncovered “a broad and significant” cyber espionage campaign that saw PRC-affiliated actors compromise networks at “multiple telecommunications companies” in the United States.

Update - as of 28th of December, the White House reports that nine telecommunications firms are now confirmed to be impacted by a Chinese hacking group known as "Salt Typhoonha" during the extensive cyber espionage campaign targeting U.S. telecommunications infrastructure. Deputy National Security Adviser Anne Neuberger disclosed that the hackers' primary objective was to gain access to customers' call records and private communications, specifically targeting individuals involved in government or political activities.