(Credit: Bill Hinton Photography via Getty Images)
A White House official has confirmed that a ninth telecommunications firm was impacted by the "Salt Typhoon" Chinese hacking group, the AP reports.
Deputy National Security Adviser Anne Neuberger didn’t identify the companies affected by the hacking in a briefing with reporters, but she said hackers want access to customers' call records and their private communications.
Hackers are targeting unnamed specific individuals who are “primarily involved in government or political activity.” Neuberger said that due to the techniques used by the hackers, she’s not able to disclose how many Americans have been compromised, but said that a “large number” are in the "Washington-Virginia area." In late October, The New York Times reported that Donald Trump, JD Vance, and staff members of Vice President Kamala Harris’s campaign were potentially targeted.
Though neither the government nor any of the companies have so far confirmed if they were breached, according to The Wall Street Journal, many of the largest US telecommunications firms, such as AT&T, Verizon, and T-Mobile, were impacted. Normally firms have a legal requirement to report data breaches publicly, but the WSJ notes these rules don't apply in cases to do with national security.
The Chinese hackers may have accessed network infrastructure that ISPs use to answer court-authorized wiretapping requests, according to the WSJ, and they may have had access for several months. Earlier this month, White House officials cautioned that the number of telecommunications firms and countries impacted could still grow.
Neuberger said this week that the incidents underscore the need for mandatory cybersecurity rules in the telecom industry. “We know that voluntary cybersecurity practices are inadequate to protect against China, Russia, and Iran hacking of our critical infrastructure,” she said.
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory earlier this month on how US telecommunications providers can bolster their cyber defenses. They also encouraged everyone to use encrypted messaging apps. The FCC is considering using legal authority to force US telecoms to improve their defenses or face fines for noncompliance.
The Chinese government has so far denied any link to the hacking group.