AT&T and Verizon, two of the biggest telecommunications companies globally, recently suffered a cybersecurity breach from the Chinese-linked Salt Typhoon cyber espionage group. These companies have confirmed the breach, stating that although their networks were compromised, the immediate threat has been contained and their networks are now clear.
The Salt Typhoon hacking group, which is believed to be backed by China, has been conducting cyber espionage operations for several years, targeting telecommunications and government entities worldwide. The most recent attacks, confirmed by AT&T and Verizon, appear to have been aimed at obtaining sensitive information. According to reports, the hackers gained significant access to telecom systems, allowing them to geolocate individuals, record phone calls, and collect large volumes of data. According to a White House official last week, the cyberattack has affected nine telecom companies, though no names were given at that time.
Following the revelation of the Salt Typhoon attack, the U.S. government has moved swiftly to address the growing cybersecurity risks posed by state-sponsored cyber espionage. The Cybersecurity and Infrastructure Security Agency (CISA) has been working with telecom companies, including AT&T and Verizon, to investigate the breach and recommend measures to bolster defenses against similar future attacks.
In addition to cooperation with telecom companies, U.S. officials have also been working with international allies, including Australia, Canada, and New Zealand, to share intelligence about the matter. A joint advisory was issued warning about the activities of Chinese-linked cyber groups targeting telecommunications networks worldwide. Chinese officials, for their part, have denied any involvement in the Salt Typhoon campaign, while China’s Ministry of Foreign Affairs maintains its stance that it opposes all forms of cyberattacks and cyber theft.
Both AT&T and Verizon stated that although the breach was serious, they had taken steps to contain the intrusion. Verizon emphasized that its network had been cleared of the threat after significant remediation efforts, which were validated by an independent cybersecurity firm. Meanwhile, AT&T assured customers that no ongoing malicious activity had been detected in its network and that the company was actively monitoring its systems to prevent future intrusions. The companies also confirmed they were cooperating with law enforcement and cybersecurity authorities to assess the full impact of the attack.
“We detect no activity by nation-state actors in our networks at this time. Based on our current investigation of this attack, the People’s Republic of China targeted a small number of individuals of foreign intelligence interest,” a spokesperson for AT&T commented on the matter. “We have not detected threat actor activity in Verizon’s network for some time, and after considerable work addressing this incident, we can report that Verizon has contained the activities associated with this particular incident,” Vandana Venkatesh, Chief Legal Officer at Verizon, said in a statement.
