AT&T and Verizon have announced that their networks are now secure following cyberespionage intrusions attributed to Salt Typhoon, a China-linked hacking group. The telecommunications giants acknowledged the breaches, which targeted sensitive network infrastructure, but assured the public that the attacks have been contained, and no further activity by the threat actors has been detected.
The Salt Typhoon operation, which was disclosed in October, is believed to have compromised systems used for lawful wiretap requests, potentially exposing sensitive data. The hackers, allegedly tied to the Chinese government, were focused on gathering intelligence and geolocating individuals of interest. AT&T, Verizon, and other affected companies have since worked with U.S. government officials and cybersecurity experts to mitigate the impact of the breaches.
In a statement, AT&T confirmed the breach, noting that Salt Typhoon targeted “a small number of individuals of foreign intelligence interest.” The Dallas-based telecom provider stated, “We detect no activity by nation-state actors in our networks at this time.” AT&T has cooperated with authorities and notified impacted individuals. The company continues to monitor and remediate its systems in collaboration with government officials, industry peers, and third-party experts.
Verizon's Chief Legal Officer echoed a similar message, confirming that its networks are secure. The company, backed by an independent cybersecurity firm, declared that it had contained the breach and eliminated malicious activity. Verizon did not specify the extent of the data accessed but reassured customers that its actions have safeguarded their information.
Salt Typhoon profile and operations
Salt Typhoon, also referred to as GhostEmperor or FamousSparrow by cybersecurity firms, is a sophisticated Chinese state-sponsored hacking group that has been active since 2020. The group specializes in cyber-espionage, targeting North American and Southeast Asian entities to extract intelligence. In the recent telecommunications breach, Salt Typhoon exploited network infrastructure critical to government wiretapping operations, posing a severe national security threat.
The group's activities were uncovered earlier this year, and investigations revealed that the hackers had likely been present in these networks for months. Their capabilities reportedly allowed them to intercept phone calls, geolocate individuals, and access a broad spectrum of sensitive network traffic.
The breach affected nine U.S. telecommunications providers, including AT&T, Verizon, and Lumen Technologies. The White House confirmed the scope of the intrusion but did not name all the companies involved. Security officials have described the incident as one of the largest telecommunications hacks in U.S. history, with potential implications for both national security and personal privacy.
In response, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged high-level government and political figures to adopt end-to-end encrypted communication apps. Congressional hearings have also called for increased investment in network security and a thorough review of vulnerabilities within the nation's telecom infrastructure.
VW Suffers Major Breach Exposing Location of 800,000 Electric Vehicles
Leave a Reply