AT&T and Verizon Communications, two of America’s largest telecommunications providers, have confirmed they were targeted by the China-linked Salt Typhoon hacking operation, though both companies now report their networks are clear of the intrusion.
In a statement released Saturday, Dallas-based AT&T revealed that hackers attempted to gather foreign intelligence information. The company emphasized that “a small number of individuals of foreign intelligence interest” were targeted, and they have since complied with notification obligations in coordination with law enforcement.
Verizon’s Chief Legal Officer, Vandana Venkatesh, confirmed that the attack primarily focused on “a small number of high-profile customers in government and politics.” The company stated that an independent cybersecurity firm has verified the threat’s containment.
This disclosure follows an October Wall Street Journal report that revealed these telecom carriers were compromised by Salt Typhoon network intrusions, potentially affecting systems used for court-authorized network wiretapping requests.
The White House on Friday confirmed that a total of nine telecom companies were breached in the operation, nicknamed Salt Typhoon by Microsoft’s threat researchers. However, US officials remain uncertain about the full scope of affected Americans and the timeline required to completely eliminate the threat.
T-Mobile USA Inc. also reported detecting suspicious behavior consistent with Salt Typhoon but claimed to have prevented access to customer data.
In response to these security concerns, the Biden administration recently convened a closed-door meeting with telecom industry leaders, including AT&T CEO John Stankey, to address systemic vulnerabilities. China has consistently denied any involvement in these cyber operations.
Both AT&T and Verizon are actively cooperating with authorities and notifying potentially affected parties as their investigations continue.
The incident highlights growing concerns about state-sponsored cyber threats targeting critical US infrastructure and telecommunications networks, particularly those handling sensitive government and intelligence communications.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free
The DrayTek Gateway devices, more specifically the Vigor2960 and Vigor300B models, are susceptible to a…
Researchers recently discovered a malicious campaign targeting Ukrainian military personnel through fake "Army+" application websites,…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert on a…
The Biden administration confirmed that a Chinese state-sponsored hacking group breached the U.S. Treasury Department,…
Security researchers Daan Keuper, Thijs Alkemade, and Khaled Nassar from Computest Sector 7 disclosed a…
Researchers observed a recent surge in activity from the "FICORA" and "CAPSAICIN," both variants of…