AT&T and Verizon Communications, two of America’s largest telecommunications providers, have confirmed they were targeted by the China-linked Salt Typhoon hacking operation, though both companies now report their networks are clear of the intrusion.
In a statement released Saturday, Dallas-based AT&T revealed that hackers attempted to gather foreign intelligence information. The company emphasized that “a small number of individuals of foreign intelligence interest” were targeted, and they have since complied with notification obligations in coordination with law enforcement.
Verizon’s Chief Legal Officer, Vandana Venkatesh, confirmed that the attack primarily focused on “a small number of high-profile customers in government and politics.” The company stated that an independent cybersecurity firm has verified the threat’s containment.
This disclosure follows an October Wall Street Journal report that revealed these telecom carriers were compromised by Salt Typhoon network intrusions, potentially affecting systems used for court-authorized network wiretapping requests.
The White House on Friday confirmed that a total of nine telecom companies were breached in the operation, nicknamed Salt Typhoon by Microsoft’s threat researchers. However, US officials remain uncertain about the full scope of affected Americans and the timeline required to completely eliminate the threat.
T-Mobile USA Inc. also reported detecting suspicious behavior consistent with Salt Typhoon but claimed to have prevented access to customer data.
In response to these security concerns, the Biden administration recently convened a closed-door meeting with telecom industry leaders, including AT&T CEO John Stankey, to address systemic vulnerabilities. China has consistently denied any involvement in these cyber operations.
Both AT&T and Verizon are actively cooperating with authorities and notifying potentially affected parties as their investigations continue.
The incident highlights growing concerns about state-sponsored cyber threats targeting critical US infrastructure and telecommunications networks, particularly those handling sensitive government and intelligence communications.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free
Cybercriminals are increasingly exploiting search engine optimization (SEO) techniques and paid advertisements to manipulate search…
Cybersecurity experts have unearthed an intricate cyber campaign that leverages deceptive websites posing as the…
Hackers are exploiting what's known as "Dangling DNS" records to take over corporate subdomains, posing…
Security researchers and cybersecurity experts have recently uncovered new variants of the notorious HelloKitty ransomware,…
The RansomHub ransomware group has emerged as a significant danger, targeting a wide array of…
Threat actors are increasingly using email bombing to bypass security protocols and facilitate further malicious…