A Chinese hacking group, known as “Salt Typhoon,” has stolen a significant amount of Americans’ metadata in an ongoing cyberespionage campaign, a senior U.S. official revealed on Wednesday. The hackers targeted telecommunications infrastructure in the United States, affecting a wide range of companies. While precise figures were not disclosed, the official confirmed that the breach was extensive and remains active.
The official, speaking anonymously, clarified that while the hacking does not involve every American’s cell phone records, it has likely impacted a large number of individuals targeted by the Chinese government. “We believe a large number of Americans’ metadata was taken,” the official stated, though specifics were withheld.
Salt Typhoon’s activity extended beyond the U.S., hitting dozens of companies worldwide. In the United States alone, the group infiltrated at least eight telecommunications and telecom infrastructure firms, including major players such as Verizon, AT&T, T-Mobile, and Lumen. T-Mobile has asserted that no customer data was compromised in its case, while Lumen stated there is no evidence of customer data being accessed on its network. However, the hackers are believed to have stolen telephone audio intercepts and large volumes of call record data in other instances.
What Metadata Reveals
Call record metadata, often referred to as the who, what, when, and where of phone calls, does not include the content of calls but provides critical insights. It can reveal details such as the participants of a call, its duration, and its location. When aggregated, such metadata offers granular insights into personal lives, professional activities, and intimate connections.
Federal Response to Salt Typhoon
The U.S. government has prioritized countering Salt Typhoon’s activities, with President Joe Biden receiving multiple briefings on the matter. Efforts to mitigate the breach include high-level coordination across federal agencies. On Wednesday, U.S. government officials conducted a classified briefing for senators, outlining Salt Typhoon’s strategies to compromise American telecommunications firms.
Participants in the closed-door briefing included representatives from the FBI, Director of National Intelligence Avril Haines, the Federal Communications Commission, the National Security Council, and the Cybersecurity and Infrastructure Security Agency. Officials emphasized the gravity of the breach and its implications for national security.
The cyberespionage campaign highlights the persistent threat posed by state-sponsored hacking groups. The federal government continues to monitor and respond to Salt Typhoon’s actions, stressing the need for robust cybersecurity measures across critical infrastructure sectors.
