The FBI and Cybersecurity and Infrastructure Security Agency (CISA) have disclosed new findings in a sweeping cyber espionage operation tied to the People’s Republic of China (PRC), confirming significant breaches across U.S. telecom infrastructure.
The joint statement released yesterday indicates that PRC-affiliated hackers have infiltrated multiple telecommunications networks, gathering sensitive data and compromising private communications linked to U.S. government and political figures.
Private communications exposed
According to the FBI and CISA, this campaign has enabled PRC-linked actors to access extensive customer call data records and selectively intercept private communications of individuals in key political or governmental roles.
The hackers also accessed and duplicated data requested by U.S. law enforcement under court orders, suggesting they may have exploited legal mechanisms for added intelligence gathering. As the investigation progresses, officials expect to uncover additional aspects of the compromise, pointing to a campaign that is both deep-seated and wide-ranging.
This announcement follows an earlier warning from the FBI and CISA on October 28, when both agencies reported similar Chinese state-sponsored breaches in the U.S. telecommunications sector. During that initial report, the agencies advised telecom providers to secure their systems immediately, as the breaches were seen as serious threats to national security, potentially jeopardizing the confidentiality of critical communications channels.
Telecom networks under fire
The breaches are believed to impact major telecom networks, though neither CISA nor the FBI named specific companies. These compromised systems not only serve commercial users but are also integral to national infrastructure, handling communications that support both civilian and governmental operations.
PRC-affiliated hackers’ ability to infiltrate call data and intercept communications on these networks could enable comprehensive surveillance, data exfiltration, and intelligence operations, posing significant risks to individuals in sensitive positions as well as to U.S. national security more broadly.
Beyond U.S. borders, similar activity has been observed in Canada, where Chinese reconnaissance scans of critical sectors, including telecom, were reported by the Communications Security Establishment (CSE) earlier in October. The Canadian advisory, while indicating that only scans (not full intrusions) were detected, emphasized the need for robust cybersecurity measures due to the likelihood of escalated attacks on government and critical infrastructure.
The FBI and CISA have bolstered technical support to affected telecom firms, aiding in immediate containment measures and guiding companies through cybersecurity best practices. Both agencies are coordinating rapid information sharing to prevent further breaches within the telecommunications industry and are urging other entities in the sector to adopt enhanced cybersecurity measures proactively.