Chinese Cyber Attack Hits U.S. Telecom Firms: T-Mobile, AT&T, and More Compromised

Update (11/27/24 8:18 pm EST):

T-Mobile Chief Security Officer Jeff Simon released an update regarding the alleged cyber attack. The Un-carrier confirmed that they “detected attempts to infiltrate” the system by bad actors. Fortunately, T-Mobile’s defenses worked as intended and protected “sensitive customer information, prevented any disruption of our services, and stopped the attack from advancing.” Bad actors had no access to sensitive customer data (including calls, voicemails or texts).

You can read the rest of the report here.

Update (11/16/24 8:18 pm EST):

T-Mobile sent us a statement regarding this report:

“T-Mobile is closely monitoring this industry-wide attack. Due to our security controls, network structure and diligent monitoring and response we have seen no significant impacts to T-Mobile systems or data. We have no evidence of access or exfiltration of any customer or other sensitive information as other companies may have experienced. We will continue to monitor this closely, working with industry peers and the relevant authorities.”

The Un-carrier says they “have no evidence of access.”

The original story is below.


T-Mobile was one of several telecommunications companies targeted in a major hacking operation linked to Chinese hackers. This cyber-attack, which lasted several months, aimed to spy on important individuals’ cellphone communications in the U.S. and other countries. While it is unclear what specific information the hackers may have accessed from T-Mobile, the company has stated that, so far, there is no evidence of significant damage or any impact on customer data. T-Mobile is actively monitoring the situation to ensure its systems remain secure.

WSJ reported that U.S. officials identified the hacking group behind this attack as “Salt Typhoon.” The group used advanced techniques to break into telecom networks. They may have used tools like artificial intelligence to find weaknesses, particularly in routers made by Cisco Systems, which are a crucial part of telecom infrastructure.

The attack is considered one of the largest and most severe of its kind, lasting over eight months. It affected not only T-Mobile but also other major telecom companies like AT&T, Verizon, and Lumen Technologies. The hackers managed to access sensitive information such as call records, unencrypted text messages, and even some audio recordings from the phones of high-level U.S. government officials and politicians. This raises serious national security concerns because it could expose confidential government communications to foreign spies.

Additionally, the hackers accessed systems used by these telecom companies to respond to U.S. government surveillance requests, which could further complicate national security efforts. However, in the case of Lumen Technologies, sources say the hackers did not access any customer data or wiretap capabilities.

The cyber-espionage campaign also affected telecom companies in other countries that have close intelligence-sharing relationships with the U.S., showing just how far-reaching the attack was. Earlier this week, the Biden administration publicly acknowledged the seriousness of this hack. A statement from the FBI (Federal Bureau of Investigation) and CISA (Cybersecurity and Infrastructure Security Agency) confirmed that the Chinese hackers breached multiple telecom networks. They stole call data, accessed private communications of government and political figures, and copied information that U.S. law enforcement had requested under court orders.

The FBI and CISA are still investigating this cyber-attack, and they expect to learn more as their investigation continues. This incident highlights the increasing threat of state-sponsored hacking and emphasizes the need for stronger cybersecurity measures to protect essential communication networks.

Source: WSJ
