Chinese Hackers Breach “Private Communications” of US Government Officials: Full Details Inside
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have confirmed that Chinese state-backed hackers infiltrated private communications of several government officials through breaches in multiple American telecommunications companies.
This major cybersecurity incident has raised alarm due to the attackers’ prolonged access and the sensitive nature of the compromised information.
According to a joint statement released by CISA and the FBI, the attackers—affiliated with China—gained access to customer call records and law enforcement data requests from compromised telecommunications networks.
Specifically, the attackers infiltrated systems that allowed them to intercept private communications involving a limited number of individuals primarily engaged in government or political activities. The stolen data also included information subject to U.S. law enforcement requests under court orders.
This security alert follows an initial disclosure by the agencies in late October, revealing that a Chinese hacking group, identified as Salt Typhoon (also known as Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286), had breached several major U.S. telecom providers, including AT&T, Verizon, and Lumen Technologies.
The attackers reportedly maintained access to these networks for months, enabling them to intercept and collect large volumes of internet traffic from service providers catering to millions of American customers.
The hackers also accessed federal government systems used for court-authorized network wiretapping, amplifying concerns about the scale of the breach. Meanwhile, Canadian authorities recently disclosed similar espionage attempts targeting multiple government agencies, political parties, and critical infrastructure by Chinese-backed hackers.
Salt Typhoon, active since at least 2019, has typically targeted government and telecommunications entities in Southeast Asia.
In a related development, another Chinese group, Volt Typhoon, was reported to have hacked ISPs and MSPs in the U.S. and India, using credentials stolen through a separate vulnerability in Versa Director.
This breach underscores the rising threat from state-sponsored cyber activities and highlights the urgent need for strengthened defenses across critical infrastructure.