Major U.S. telecom companies AT&T Inc. and Verizon Communications Inc. confirmed they were targeted by the China-linked hacking group known as Salt Typhoon. Both companies stated that their networks are now secure and free from further intrusion.
In a statement released Saturday, Dallas-based AT&T revealed that the hackers had attempted to access information related to foreign intelligence. Similarly, New York City-based Verizon disclosed that the attackers had targeted “a small number of high-profile customers in government and politics.”
“We have not detected threat actor activity in Verizon’s network for some time, and after considerable work addressing this incident, we can report that Verizon has contained the activities associated with this particular incident,” said Vandana Venkatesh, Verizon’s Chief Legal Officer. Verizon added that an independent cybersecurity firm has confirmed the containment of the threat.
Both telecom giants assured that they are cooperating with authorities and have notified those whose information may have been compromised.
“We detect no activity by nation-state actors in our networks at this time,” an AT&T spokesperson said in the statement.
According to the company, the attackers, allegedly linked to the People’s Republic of China, targeted a small number of individuals connected to foreign intelligence, and notifications to affected parties have been made in collaboration with law enforcement.
The Salt Typhoon cyberattack first made headlines in October when The Wall Street Journal reported that several telecom carriers, including AT&T and Verizon, were breached.
The hackers are suspected of potentially accessing systems used by the federal government for court-authorized wiretap requests.
Since then, information about the breach has remained scarce, although T-Mobile USA Inc. disclosed it had detected suspicious activity on network-level routers resembling Salt Typhoon’s tactics.
T-Mobile claimed that it successfully expelled the attackers before any customer data was compromised.
On Friday, the White House confirmed that nine telecom companies were impacted by the Salt Typhoon intrusion. While U.S. officials declined to identify all affected carriers, industry experts have described the breach as significant.
The Biden administration recently convened a closed-door meeting with telecom industry leaders, including AT&T CEO John Stankey, to address vulnerabilities in the sector.
Officials have admitted they remain uncertain about the full scope of the attack, including how many Americans were targeted, and have warned that it may take considerable time to eliminate the threat entirely.
China has repeatedly denied any involvement in the attacks. Security analysts, however, attribute the breach to Salt Typhoon, a sophisticated cyber-espionage operation identified by Microsoft threat researchers.
This breach raises concerns over the security of critical U.S. communications infrastructure and reinforces the need for heightened collaboration between the government and the private sector.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free